Cybersecurity firm Trend Micro has addressed a high severity security flaw, tracked as CVE-2022-26871, in the Apex Central product management console. The CVE-2022-26871 vulnerability is an arbitrary file upload issue, its exploitation could lead to remote code execution.
Patch release information published by the company states that the flaw resides in the file handling module.
Trend Micro Apex Central™ is a web-based console that provides centralized management for Trend Micro products and services at the gateway, mail server, file server, and corporate desktop levels. Administrators can use the policy management feature to configure and deploy product settings to managed products and endpoints. The Apex Central web-based management console provides a single monitoring point for antivirus and content security products and services throughout the network.
This week, Trend Micro spotted threat actors attempting to exploit the vulnerability in the wild. The company did not provide technical details about the attacks or if the flaw was successfully exploited by the attackers.
“Trend Micro has observed an active attempt of exploitation against this vulnerability in-the-wild (ITW) in a very limited number of instances, and we have been in contact with these customers already. All customers are strongly encouraged to update to the latest version as soon as possible.” reads the advisory published by Trend Micro.
The security firm has addressed the issue with the release of the following product versions:
|Apex Central |
|Patch 3 (Build 6016)||Readme||Windows||Now Available|
|March 9, 2022, Deployment |
|Deployment Notes||SaaS||Already Deployed |
This week, after Trend Micro disclosed the flaw, the US Cybersecurity and Infrastructure Security Agency (CISA) added this issue to its Known Exploited Vulnerabilities Catalog. The US agency ordered federal civilian agencies to address this flaw by April 21, 2022.
(SecurityAffairs – hacking, Trend Micro)