CVE-2022-40139: Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

CVE ID

CVE-2022-40139

Vulnerability Name

Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

• Project: Trend Micro
• Product: Apex One and Apex One as a Service

Date

• Date Added: 2022-09-15
• Due Date: 2022-10-06

Description

Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2022-40139

Related Security News

• Trend Micro warns of Apex One zero-day exploited in attacks

More CVEs Info

Common Vulnerabilities & Exposures (CVE) List