CVE-2023-41179 - OpenCVE

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Trendmicro	Apex One Worry-free Business Security Worry-free Business Security Services

Configuration 1 [-]

AND

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

OR	cpe:2.3:a:trendmicro:apex_one:2019:::::::*
	cpe:2.3:a:trendmicro:apex_one:2019::::saas:::
	cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1::::::
	cpe:2.3:a:trendmicro:worry-free_business_security_services:-::::saas:::

No data.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU90967486/
https://success.trendmicro.com/jp/solution/000294706
https://success.trendmicro.com/solution/000294994

History

No history.

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2023-09-19T13:44:57.831Z

Updated: 2024-08-02T18:54:05.016Z

Reserved: 2023-08-24T14:57:42.645Z

Link: CVE-2023-41179

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-09-19T14:15:21.343

Modified: 2023-09-22T15:08:32.273

Link: CVE-2023-41179

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41179", "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "state": "PUBLISHED", "assignerShortName": "trendmicro", "dateReserved": "2023-08-24T14:57:42.645Z", "datePublished": "2023-09-19T13:44:57.831Z", "dateUpdated": "2024-08-02T18:54:05.016Z"}, "containers": {"cna": {"affected": [{"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"version": "2019 (14.0)", "status": "affected", "versionType": "semver", "lessThan": "14.0.0.12380"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"version": "SaaS\t", "status": "affected", "versionType": "semver", "lessThan": "14.0.12637"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security", "versions": [{"version": "10.0 SP1", "status": "affected", "versionType": "semver", "lessThan": "10.0 SP1 Build 2495"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security Services", "versions": [{"version": "SaaS", "status": "affected", "versionType": "semver", "lessThan": "6.7.3578 / 14.3.1105 "}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."}], "providerMetadata": {"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro", "dateUpdated": "2023-09-21T12:26:39.088Z"}, "references": [{"url": "https://success.trendmicro.com/solution/000294994"}, {"url": "https://success.trendmicro.com/jp/solution/000294706"}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:05.016Z"}, "title": "CVE Program Container", "references": [{"url": "https://success.trendmicro.com/solution/000294994", "tags": ["x_transferred"]}, {"url": "https://success.trendmicro.com/jp/solution/000294706", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/", "tags": ["x_transferred"]}]}]}}

{"cisaActionDue": "2023-10-12", "cisaExploitAdd": "2023-09-21", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*", "matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*", "matchCriteriaId": "8FA15535-6AC8-4062-BE7B-CD545B7516E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "FFCE8717-85D2-4F4F-91DF-C6DA341C4E19", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*", "matchCriteriaId": "25F873F7-FC62-4234-99EE-E3BDEBB36C2A", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00f3dulo de desinstalaci\u00f3n AV de terceros contenido en Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security y Worry-Free Business Security Services podr\u00eda permitir a un atacante manipular el m\u00f3dulo para ejecutar comandos arbitrarios afectando la instalaci\u00f3n. Tenga en cuenta que un atacante primero debe obtener acceso a la consola administrativa en el sistema de destino para poder aprovechar esta vulnerabilidad."}], "id": "CVE-2023-41179", "lastModified": "2023-09-22T15:08:32.273", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-19T14:15:21.343", "references": [{"source": "security@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU90967486/"}, {"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/jp/solution/000294706"}, {"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000294994"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}