Trend Micro is informing its customers that important security updates for vulnerabilities are available for the Apex One platform. The company itself classifies some updates as critical. The Common Vulnerability Scoring System version 3.0 (CVSS v3) scores range from 6,7 to 9,1 out of 10.
Organizations using the Apex One 2019 (on-prem) or Apex One SaaS protection tier should take Trend Micro's latest security warnings seriously. There is a whole series of patches for security vulnerabilities. Some of the gaps are classified as High or even Critical. However, none of the gaps mentioned can be attacked directly. In any case, another hack must first succeed in order to then exploit the gaps. In some cases, logging into the Apex One web console is the first hurdle or you need admin access to carry out the attack.
No access without previous hack
In its SECURITY BULLETIN October 2022, Trend Micro details exactly what the vulnerabilities are, what can be done with them, and the requirements for accessing the vulnerability. The provider recommends its customers to update immediately, even if an exploit would have to meet several specific conditions in order to become dangerous.
More at TrendMicro.com
About Trend Micro As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.