Trend Micro Apex One: Improper Access Control Disclosure
CVE-2023-32552 Published on June 26, 2023
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could allow an unauthenticated user under certain circumstances to disclose sensitive information on agents. This is similar to, but not identical to CVE-2023-32553
Weakness Type
Improper Preservation of Permissions
The software does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended.
Products Associated with CVE-2023-32552
Want to know whenever a new CVE is published for TrendMicro Apex One? stack.watch will email you.
Affected Versions
Trend Micro, Inc. Trend Micro Apex One:- Version 2019 and below 14.0.0.12024 is affected.
- Version 2019 and below 14.0.0.12024 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.