Vulnerability Details CVE-2023-25147
An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process.
Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.0%
CVSS Severity
CVSS v3 Score 6.7
References
Products affected by CVE-2023-25147
-
cpe:2.3:a:trendmicro:apex_one:-
-
cpe:2.3:a:trendmicro:apex_one:14.0.10349
-
cpe:2.3:a:trendmicro:apex_one:14.0.11789
-
cpe:2.3:a:trendmicro:apex_one:2019
-
cpe:2.3:o:microsoft:windows:-