Home / About / Threat Intelligence / Trend Micro patches Remote Code Execution vulnerability

Overview

Trend Micro has released an update for their web-based management console, Apex Central. An arbitrary file upload vulnerability would allow remote code execution (RCE). The company reports that some attacks have been observed in the wild and they have contacted the affected customers.

Following the update, the US Cybersecurity and Infrastructure Security Agency (CISA) has ordered civilian agencies to patch it within the next three weeks.

Impact

A remote attacker could gain control of the admin panel and disable protections.

Vulnerability Detection

Check the running version.

Affected Products

  • SaaS and on-prem
  • Trend Micro Apex Central

Containment, Mitigations & Remediations

The on-prem version requires an update. The SaaS version has been updated automatically.

Indicators of Compromise

None listed.

Threat Landscape

Exploits have been observed in the wild and Trend Micro has reached out to these customers.

Mitre Methodologies

T1190 – Exploit Public-Facing Application

Further Information

IMPORTANT SECURITY BULLETIN: Trend Micro Apex Central Arbitrary File Upload Remote Code Execution (RCE) Vulnerability