JPCERT-AT-2023-0021
JPCERT/CC
2023-09-19
Trend Micro Incorporated
CRITICAL SECURITY BULLETIN: 3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability (Text in Japanese)
https://success.trendmicro.com/jp/solution/000294706
Trend Micro Incorporated
[Alert] Apply a Critical Patch; An attack exploiting the vulnerability (CVE-2023-41179) in Trend Micro products has been observed (Text in Japanese)
https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4886
Since the vulnerability is already being exploited in the wild, the users of the affected products are recommended to update the affected system to the latest version as soon as possible. Please refer to the information provided by Trend Micro.
- Trend Micro Apex One On Premise (2019)
- Trend Micro Apex One as a Service
- Worry-Free Business Security 10.0 SP1
- Worry-Free Business Security Services (SaaS)
- Trend Micro Apex One On Premise (2019) SP1 Patch 1 (b12380)
- Worry-Free Business Security 10.0 SP1 Patch 2495
According to Trend Micro, the issues in Apex One as a Service are already fixed in the July 31, 2023 updates.
- Permit access to the product's administration console to only trusted network
Trend Micro Incorporated
CRITICAL SECURITY BULLETIN: 3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability (Text in Japanese)
https://success.trendmicro.com/jp/solution/000294706
Trend Micro Incorporated
[Alert] Apply a Critical Patch; An attack exploiting the vulnerability (CVE-2023-41179) in Trend Micro products has been observed (Text in Japanese)
https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4886
Japan Vulnerability Notes JVNVU#90967486
Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution
https://jvn.jp/en/vu/JVNVU90967486/
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/
JPCERT/CC
2023-09-19
I. Overview
On September 19, 2023, Trend Micro has released the information regarding a vulnerability (CVE-2023-41179) in multiple endpoint security products for enterprises. If the vulnerability is exploited,an attacker who can log in to the product's administration console may execute arbitrary code with the system privilege on the PC where the security agent is installed. According to Trend Micro, an attack exploiting this vulnerability has been observed.Trend Micro Incorporated
CRITICAL SECURITY BULLETIN: 3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability (Text in Japanese)
https://success.trendmicro.com/jp/solution/000294706
Trend Micro Incorporated
[Alert] Apply a Critical Patch; An attack exploiting the vulnerability (CVE-2023-41179) in Trend Micro products has been observed (Text in Japanese)
https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4886
Since the vulnerability is already being exploited in the wild, the users of the affected products are recommended to update the affected system to the latest version as soon as possible. Please refer to the information provided by Trend Micro.
II. Affected Products
Affected products and versions are as follows:- Trend Micro Apex One On Premise (2019)
- Trend Micro Apex One as a Service
- Worry-Free Business Security 10.0 SP1
- Worry-Free Business Security Services (SaaS)
III. Solution
Trend Micro has released patches that address the vulnerability.It is recommended to apply the patch as soon as possible.- Trend Micro Apex One On Premise (2019) SP1 Patch 1 (b12380)
- Worry-Free Business Security 10.0 SP1 Patch 2495
According to Trend Micro, the issues in Apex One as a Service are already fixed in the July 31, 2023 updates.
IV. Workarounds
The following measure is mentioned as workarounds. As for the details,please refer to the information provided by Trend Micro.- Permit access to the product's administration console to only trusted network
V. References
Trend Micro Incorporated
CRITICAL SECURITY BULLETIN: 3rd Party AV Uninstaller Module for Trend Micro Apex One and Worry-Free Business Security Arbitrary Code Execution Vulnerability (Text in Japanese)
https://success.trendmicro.com/jp/solution/000294706
Trend Micro Incorporated
[Alert] Apply a Critical Patch; An attack exploiting the vulnerability (CVE-2023-41179) in Trend Micro products has been observed (Text in Japanese)
https://appweb.trendmicro.com/SupportNews/NewsDetail.aspx?id=4886
Japan Vulnerability Notes JVNVU#90967486
Trend Micro Endpoint security products for enterprises vulnerable to arbitrary code execution
https://jvn.jp/en/vu/JVNVU90967486/
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/