On July 28, Trend Micro released security patches for multiple incorrect permission assignment privilege escalation, incorrect permission preservation authentication bypass, arbitrary file upload, and local privilege escalation vulnerabilities in Apex One and Apex One as a Service products. The security firm also reported that attackers are already exploits at least two of the flaws (CVE-2021-32464, CVE-2021-32465, CVE-2021-36741, CVE-2021-36742) in attacks in the wild.
The vulnerabilities affect the Trend Micro Apex One (On Premise) and Apex One as a Service (SaaS) on Windows.
“Trend Micro has observed an active attempt of exploitation against two of these vulnerabilities (chained) in-the-wild (ITW) in a very limited number of instances, and we have been in contact with these customers already. All customers are strongly encouraged to update to the latest versions as soon as possible.” reads the advisory.
The company did not share info about the attacks in the wild that exploited the above vulnerabilities.
In April, the security firm revealed that attackers were actively exploiting a vulnerability, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems.
(SecurityAffairs – hacking, zero-day)