ZDI-23-231: Trend Micro TXOne StellarOne Improper Access Control Privilege Escalation Vulnerability
First published: Fri Mar 17 2023(Updated: )
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne. Authentication is required to exploit this vulnerability.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro TXOne StellarOne |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID is ZDI-23-231.
What is the severity of the ZDI-23-231 vulnerability?
The severity of the ZDI-23-231 vulnerability is high with a CVSS score of 8.3.
Which software is affected by the ZDI-23-231 vulnerability?
The ZDI-23-231 vulnerability affects Trend Micro TXOne StellarOne.
What is the impact of the ZDI-23-231 vulnerability?
The ZDI-23-231 vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne.
How can the ZDI-23-231 vulnerability be exploited?
To exploit the ZDI-23-231 vulnerability, authentication is required and attackers can exploit the improper access control in the Account endpoint of Trend Micro TXOne StellarOne.
- collector/zdi-published
- alias/ZDI-CAN-18848
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/severity
- agent/references
- agent/description
- agent/tags
- agent/title
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-23-231
- alias/CVE-2023-25069
- agent/software-canonical-lookup
- vendor/trend micro
- canonical/trend micro txone stellarone