Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
June 12, 2023Rewterz Threat Advisory – CVE-2023-34285 – NETGEAR RAX30 Vulnerability
June 12, 2023Rewterz Threat Alert – North Korean APT Kimsuky Aka Black Banshee – Active IOCs
June 12, 2023Rewterz Threat Advisory – CVE-2023-34285 – NETGEAR RAX30 Vulnerability
June 12, 2023Severity
High
Analysis Summary
CVE-2023-34148 CVSS:7.8
Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT Listener service. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
CVE-2023-34147 CVSS:7.8
Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT Listener service. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
CVE-2023-34146 CVSS:7.8
Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One NT Listener service. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
CVE-2023-34145 CVSS:7.8
Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One Client Plug-in Service Manager. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
CVE-2023-34144 CVSS:7.8
Trend Micro Apex One could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Apex One Client Plug-in Service Manager. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-34148
- CVE-2023-34147
- CVE-2023-34146
- CVE-2023-34145
- CVE-2023-34144
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Apex One as a Service
- Trend Micro Apex One On Premise (2019)
Remediation
Refer to Trend Micro Security Advisory for patch, upgrade or suggested workaround information.