Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities
September 21, 2022Rewterz Threat Alert – LokiBot Malware – Active IOCs
September 21, 2022Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities
September 21, 2022Rewterz Threat Alert – LokiBot Malware – Active IOCs
September 21, 2022Severity
High
Analysis Summary
CVE-2022-40139
Trend Micro Apex One could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper validation of rollback mechanism components. By sending a specially-crafted request to download an unverified rollback package, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators Of Compromise
CVE
- CVE-2022-40139
Affected Vendors
- Trend Micro
Affected Products
- Trend Micro Apex One On Premise (2019)
- Trend Micro Apex One SaaS
Remediation
Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.