Rewterz Threat Alert – SmokeLoader Malware – Active IOCs
December 5, 2022Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
December 6, 2022Rewterz Threat Alert – SmokeLoader Malware – Active IOCs
December 5, 2022Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
December 6, 2022Severity
Medium
Analysis Summary
CVE-2022-45797
Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local authenticated attacker to delete arbitrary files, caused by improper validation of user requests by the Damage Cleanup Engine component. An attacker could exploit this vulnerability to delete arbitrary files on the system with elevated privileges on the system.
Impact
File Manipulation
Indicators Of Compromise
CVE
- CVE-2022-45797
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Apex One On Premise (2019)
- Trend Micro Apex One SaaS
Remediation
Refer to Trend Micro Security for patch, upgrade or suggested workaround information.