Published on September 19, 2022

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow an Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution. Please note: an attacker must first obtain Apex One server administration console access in order to exploit this vulnerability.


Known Exploited Vulnerability

This Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

The following remediation steps are recommended / required by October 6, 2022: Apply updates per vendor instructions.

Vulnerability Analysis

CVE-2022-40139 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Products Associated with CVE-2022-40139

You can be notified whenever vulnerabilities like CVE-2022-40139 are published in these products:

What versions are vulnerable to CVE-2022-40139?

Each of the following must match for the vulnerability to exist.