ZDI-CAN-18848: ZDI-23-231: Trend Micro TXOne StellarOne Improper Access Control Privilege Escalation Vulnerability
First published: Fri Mar 17 2023(Updated: )
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne. Authentication is required to exploit this vulnerability.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Trend Micro TXOne StellarOne |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is vulnerability ZDI-CAN-18848?
Vulnerability ZDI-CAN-18848 is an improper access control privilege escalation vulnerability in Trend Micro TXOne StellarOne.
What is the severity of vulnerability ZDI-CAN-18848?
The severity of vulnerability ZDI-CAN-18848 is high, with a CVSS score of 8.3.
How does vulnerability ZDI-CAN-18848 work?
Vulnerability ZDI-CAN-18848 allows remote attackers to escalate privileges by exploiting the lack of proper access control in the Account endpoint of Trend Micro TXOne StellarOne.
Is authentication required to exploit vulnerability ZDI-CAN-18848?
Yes, authentication is required to exploit vulnerability ZDI-CAN-18848.
How can I fix vulnerability ZDI-CAN-18848?
To fix vulnerability ZDI-CAN-18848, update to the latest version of Trend Micro TXOne StellarOne and apply any available patches or security updates.
- collector/zdi-published
- alias/ZDI-CAN-18848
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-23-231
- alias/CVE-2023-25069
- agent/software-canonical-lookup
- agent/severity
- agent/references
- agent/title
- agent/description
- agent/tags
- agent/type
- agent/event
- vendor/trend micro
- canonical/trend micro txone stellarone