Rewterz Threat Alert – IcedID banking Trojan – Active IOCs
April 4, 2022Rewterz Threat Alert – Mirai Botnet – Active IOCs
April 4, 2022Severity
High
Analysis Summary
CVE-2022-27883 CVSS:7.8
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Antivirus for Mac. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the libTmUtil dylib. By creating a symbolic link, an attacker can abuse the product to loosen permissions on a local file. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of root.
CVE-2022-26871 CVSS:8.6
Trend Micro Apex Central could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious script, which could allow the attacker to execute arbitrary code on the vulnerable system.
Impact
- Privilege Escalation
- Unauthorized Assess
Indicator Of Compromise
CVE
- CVE-2022-27883
- CVE-2022-26871
Affected Vendors
- Trend Micro
Affected Products
- Antivirus for Mac
- Trend Micro Apex Central
Remediation
Refer to Trend Micro Security Bulletin: for patch, upgrade or suggested workaround information.