Trend Micro releases urgent fix for actively exploited vulnerability
Target Industry
Indiscriminate, opportunistic targeting.
Overview
The Trend Micro Worry-Free Business Security (WFBS) vulnerability is a collection of security weaknesses that have impacted the Trend Micro WFBS and Worry-Free Business Security Services (WFBSS) products for Windows.
Trend Micro has released patches that address the security flaw in its Apex One and WFBS solutions for Windows.
Impact
Successful exploitation of CVE-2023-41179 could allow a threat actor to execute arbitrary commands on an affected installation.
Vulnerability Detection
Trend Micro has patched the vulnerability for the respective product versions. As such, previous versions are vulnerable to potential exploitation.
Affected Products
- Apex One – version 2019 (on-premises), fixed in SP1 Patch 1 (B12380)
- Apex One as a Service – fixed in SP1 Patch 1 (B12380) and Agent version 14.0.12637
- Worry-Free Business Security – version 10.0 SP1, fixed in 10.0 SP1 Patch 2495
- Worry-Free Business Security Services – fixed on 31st July, 2023 in the monthly maintenance release.
Containment, Mitigations & Remediations
It is strongly recommended that the security patches released by Trend Micro are applied as soon as possible to mitigate exploitation of this vulnerability.
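To find hosts that still need the patches, the fixed builds listed under Affected Products can be checked against a software inventory export. The script below is an added example, not Trend Micro tooling: the product keys, CSV columns, host names and version strings are constructed, and it assumes the inventory is already limited to the affected product lines and that the last dotted component of the version is the build number.

```python
import csv
import io
import re

# Minimum fixed build per product, taken from the "Affected Products" list.
# The product keys are hypothetical labels chosen for this example.
FIXED_BUILD = {
    "apex-one": 12380,             # Apex One 2019 on-premises, SP1 Patch 1 (B12380)
    "apex-one-saas-agent": 12637,  # Apex One as a Service, Agent version 14.0.12637
    "wfbs": 2495,                  # WFBS 10.0 SP1 Patch 2495
}

# Constructed sample inventory; hosts and version strings are made up.
SAMPLE_INVENTORY = """host,product,version
srv-av01,apex-one,14.0.12033
srv-av02,apex-one,14.0.12380
wks-114,apex-one-saas-agent,14.0.12637
wks-207,apex-one-saas-agent,14.0.11960
srv-smb1,wfbs,10.0.2495
srv-smb2,wfbs,10.0.2190
wks-330,wfbss,6.7.3456
wks-411,apex-one,unknown
"""

def build_number(version):
    """Return the last dotted component as an int, or None if unparseable."""
    version = version.strip()
    if not re.fullmatch(r"\d+(?:\.\d+)*", version):
        return None
    return int(version.rsplit(".", 1)[-1])

def triage(inventory_csv):
    """Classify each host as 'patched', 'vulnerable' or 'review'."""
    result = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        fixed = FIXED_BUILD.get(row["product"].strip().lower())
        build = build_number(row["version"])
        if fixed is None or build is None:
            # No build threshold listed (e.g. WFBSS) or unreadable version.
            result[row["host"]] = "review"
        else:
            result[row["host"]] = "patched" if build >= fixed else "vulnerable"
    return result

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:10} {status}")
```

Hosts reported as `review` need a manual check; WFBSS falls into this group because the list gives a fix date rather than a build number.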
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available currently.
Threat Landscape
Trend Micro Apex One holds a significant share of the endpoint security market. Given that threat actors generally weigh probability of success against asset value when deciding which attack surfaces to spend their time on, it is possible that such products could emerge as a prime target. Because endpoint security products have become an integral aspect of business operations, it is likely that threat actors will continue to exploit associated vulnerabilities in an attempt to extract the sensitive data contained therein.
Threat Group
No attribution to specific threat actors or groups has been identified at the time of writing.
MITRE Methodologies
Tactic:
TA0002 – Execution