First published: Mon Jun 10 2024(Updated: )
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trend Micro Apex One |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-36304 has been classified as a high severity vulnerability.
To address CVE-2024-36304, users should update to the latest version of Trend Micro Apex One provided by the vendor.
CVE-2024-36304 could allow a local attacker to escalate their privileges on affected systems.
CVE-2024-36304 affects installations of Trend Micro Apex One and Apex One as a Service.
An attacker must first have the ability to execute low-privileged code on the target machine to exploit CVE-2024-36304.