November 22, 2022
Severity
High
Analysis Summary
CVE-2022-44650 CVSS:7
The specific flaw exists within the Unauthorized Change Prevention Service. A crafted request can trigger a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44647 CVSS:4.4
The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44648 CVSS:4.4
The specific flaw exists within the User Mode Hooking Monitor Engine. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44649 CVSS:7
The specific flaw exists within the Unauthorized Change Prevention Service. A crafted request can trigger a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44651 CVSS:7.8
The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper locking when performing operations on a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44652 CVSS:7.8
The specific flaw exists within the installer. The issue results from the lack of proper error handling when accessing files. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVE-2022-44653 CVSS:7.8
The specific flaw exists within the Apex One Client Plug-in Service Manager. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
Impact
- Privilege Escalation
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-44650
- CVE-2022-44647
- CVE-2022-44648
- CVE-2022-44649
- CVE-2022-44651
- CVE-2022-44652
- CVE-2022-44653
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Apex One
Remediation
Refer to the Trend Micro Security Advisory for patch, upgrade, or suggested workaround information.
Trend Micro Security Advisory