Trend Micro Apex Central security update-CVE-2022-26871
NAME
Trend Micro – Apex Central
- Platforms Affected:
Apex Central - Risk Level:
medium - CVE Type:
Unrestricted file upload
DESCRIPTION
CVE-2022-26871 is an unrestricted file upload vulnerability impacting multiple versions of Trend Micro Apex Central and Trend Micro Apex Central as a Service. A proof of concept (PoC) was not observed publicly or in the underground. Trend Micro claimed to be aware of the vulnerability being actively exploited in the wild.
CVSS Information:
- CVSS 2.0 SCORE:
- CVSS 3.0 SCORE: 8.6
- Exploit Disclosed in the Public:
true - Exploit Weaponised:
true - PoC Link:
hXXps://appweb[.]trendmicro[.]com/supportNews/NewsDetail[.]aspx?id=4435
MITIGATION
Trend Micro addressed the vulnerability in a security advisory with an updated version.
- Reference Link:
https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435 - Patch Available:
available
If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.