CVE-2023-32555: TOCTOU Privilege Escalation in Trend Micro Apex One Agent
CVE-2023-32555 Published on June 26, 2023

A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32554.

NVD

Products Associated with CVE-2023-32555

Want to know whenever a new CVE is published for TrendMicro Apex One? stack.watch will email you.

TrendMicro Apex One

Affected Versions

Trend Micro, Inc. Trend Micro Apex One:

Version 2019 and below 14.0.0.12024 is affected.

trend_micro_inc trend_micro_apex_one:

Version 2019 and below 14.0.0.12024 is affected.

Exploit Probability

EPSS

0.04%

Percentile

11.95%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2023-32555: TOCTOU Privilege Escalation in Trend Micro Apex One AgentCVE-2023-32555 Published on June 26, 2023

Products Associated with CVE-2023-32555

Affected Versions

Exploit Probability

CVE-2023-32555: TOCTOU Privilege Escalation in Trend Micro Apex One Agent
CVE-2023-32555 Published on June 26, 2023