DEV Community

Cover image for CVE-2022-40139: Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
Freedom Coder
Freedom Coder

Posted on • Originally published at scyscan.com

CVE-2022-40139: Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

CVE ID

CVE-2022-40139

Vulnerability Name

Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

  • Project: Trend Micro
  • Product: Apex One and Apex One as a Service

Date

  • Date Added: 2022-09-15
  • Due Date: 2022-10-06

Description

Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2022-40139

Related Security News

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List

Top comments (0)