Trend Micro fixed high severity flaw in Apex Central product management console

Pierluigi Paganini April 02, 2022

Trend Micro has fixed a high severity arbitrary file upload flaw, tracked as CVE-2022-26871, in the Apex Central product management console.

Cybersecurity firm Trend Micro has addressed a high severity security flaw, tracked as CVE-2022-26871, in the Apex Central product management console. The CVE-2022-26871 vulnerability is an arbitrary file upload issue, its exploitation could lead to remote code execution.

Patch release information published by the company states that the flaw resides in the file handling module.

Trend Micro Apex Central™ is a web-based console that provides centralized management for Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels. Administrators can use the policy management feature to configure and deploy product settings to managed products and endpoints. The Apex Central web-based management console provides a single monitoring point for antivirus and content security products and services throughout the network.

This week, Trend Micro spotted threat actors attempting to exploit the vulnerability in the wild. The company did not provide technical details about the attacks or if the flaw was successfully exploited by the attackers.

“Trend Micro has observed an active attempt of exploitation against this vulnerability in-the-wild (ITW) in a very limited number of instances, and we have been in contact with these customers already. All customers are strongly encouraged to update to the latest version as soon as possible.” reads the advisory published by Trend Micro.

The security firm has addressed the issue with the release of the following product versions:

ProductUpdated versionNotesPlatformAvailability
Apex Central  
Patch 3 (Build 6016)   Readme   Windows  Now Available
Apex Central
March 9, 2022, Deployment  
(Build 6016)
Deployment Notes   SaaSAlready Deployed  
(March 9)

This week, after Trend Micro disclosed the flaw, the US Cybersecurity and Infrastructure Security Agency (CISA) added this issue to its Known Exploited Vulnerabilities Catalog. The US agency ordered federal civilian agencies to address this flaw by April 21, 2022.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Trend Micro)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment