Summary
Trend Micro patched eight vulnerabilities in Apex One, including two critical CVSS 9.8 directory traversal flaws that allow unauthenticated remote code execution via the management console. The update also patch several privilege escalation risks on Windows and macOS and strengthens defenses against previously exploited zero-days.
Take Action:
If you run Apex One on-premises, this is important. Update to CP Build 14136 ASAP and ensure your management console is not reachable from the public internet. Even if you use the SaaS version, verify that your endpoints have updated to the latest agent version to protect against local privilege escalation.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)