CVE-2023-41179 - Vulnerability Details - OpenCVE

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Sept. 21, 2023.

Exploitation active

Automatable no

Technical Impact total

Vendors	Products
Microsoft	Windows
Trendmicro	Apex One Worry-free Business Security Worry-free Business Security Services

Configuration 1 [-]

AND

OR	cpe:2.3:a:trendmicro:apex_one:2019:::::::*
	cpe:2.3:a:trendmicro:apex_one:2019::::saas:::
	cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1::::::
	cpe:2.3:a:trendmicro:worry-free_business_security_services:-::::saas:::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/en/vu/JVNVU90967486/
https://success.trendmicro.com/jp/solution/000294706
https://success.trendmicro.com/solution/000294994

History

Fri, 29 Nov 2024 15:00:00 +0000

Type	Values Removed	Values Added
Weaknesses	NVD-CWE-noinfo

Wed, 25 Sep 2024 15:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-94
Metrics		kev `{'dateAdded': '2023-09-21'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2023-09-19T13:44:57.831Z

Updated: 2024-09-25T14:39:44.648Z

Reserved: 2023-08-24T14:57:42.645Z

Link: CVE-2023-41179

Vulnrichment

Updated: 2024-08-02T18:54:05.016Z

NVD

Status : Analyzed

Published: 2023-09-19T14:15:21.343

Modified: 2024-11-29T14:33:04.283

Link: CVE-2023-41179

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41179", "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "state": "PUBLISHED", "assignerShortName": "trendmicro", "dateReserved": "2023-08-24T14:57:42.645Z", "datePublished": "2023-09-19T13:44:57.831Z", "dateUpdated": "2024-09-25T14:39:44.648Z"}, "containers": {"cna": {"affected": [{"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"version": "2019 (14.0)", "status": "affected", "versionType": "semver", "lessThan": "14.0.0.12380"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"version": "SaaS\t", "status": "affected", "versionType": "semver", "lessThan": "14.0.12637"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security", "versions": [{"version": "10.0 SP1", "status": "affected", "versionType": "semver", "lessThan": "10.0 SP1 Build 2495"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security Services", "versions": [{"version": "SaaS", "status": "affected", "versionType": "semver", "lessThan": "6.7.3578 / 14.3.1105 "}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."}], "providerMetadata": {"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro", "dateUpdated": "2023-09-21T12:26:39.088Z"}, "references": [{"url": "https://success.trendmicro.com/solution/000294994"}, {"url": "https://success.trendmicro.com/jp/solution/000294706"}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:05.016Z"}, "title": "CVE Program Container", "references": [{"url": "https://success.trendmicro.com/solution/000294994", "tags": ["x_transferred"]}, {"url": "https://success.trendmicro.com/jp/solution/000294706", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "affected": [{"vendor": "trendmicro", "product": "apex_one", "cpes": ["cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2019", "status": "affected"}]}, {"vendor": "trendmicro", "product": "worry-free_business_security", "cpes": ["cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "10.0", "status": "affected"}]}, {"vendor": "trendmicro", "product": "worry-free_business_security_services", "cpes": ["cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "*", "versionType": "custom"}]}, {"vendor": "trendmicro", "product": "apex_one", "cpes": ["cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2019", "status": "affected"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-25T14:33:08.513391Z", "id": "CVE-2023-41179", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-09-21", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-41179"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T14:39:44.648Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://success.trendmicro.com/solution/000294994", "tags": ["x_transferred"]}, {"url": "https://success.trendmicro.com/jp/solution/000294706", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:05.016Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-41179", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-25T14:33:08.513391Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-09-21", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2023-41179"}}}], "affected": [{"cpes": ["cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*"], "vendor": "trendmicro", "product": "apex_one", "versions": [{"status": "affected", "version": "2019"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*"], "vendor": "trendmicro", "product": "worry-free_business_security", "versions": [{"status": "affected", "version": "10.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*"], "vendor": "trendmicro", "product": "worry-free_business_security_services", "versions": [{"status": "affected", "version": "0", "lessThan": "*", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*"], "vendor": "trendmicro", "product": "apex_one", "versions": [{"status": "affected", "version": "2019"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-25T14:37:01.860Z"}}], "cna": {"affected": [{"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"status": "affected", "version": "2019 (14.0)", "lessThan": "14.0.0.12380", "versionType": "semver"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Apex One", "versions": [{"status": "affected", "version": "SaaS\t", "lessThan": "14.0.12637", "versionType": "semver"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security", "versions": [{"status": "affected", "version": "10.0 SP1", "lessThan": "10.0 SP1 Build 2495", "versionType": "semver"}]}, {"vendor": "Trend Micro, Inc.", "product": "Trend Micro Worry-Free Business Security Services", "versions": [{"status": "affected", "version": "SaaS", "lessThan": "6.7.3578 / 14.3.1105 ", "versionType": "semver"}]}], "references": [{"url": "https://success.trendmicro.com/solution/000294994"}, {"url": "https://success.trendmicro.com/jp/solution/000294706"}, {"url": "https://jvn.jp/en/vu/JVNVU90967486/"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."}], "providerMetadata": {"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro", "dateUpdated": "2023-09-21T12:26:39.088Z"}}}, "cveMetadata": {"cveId": "CVE-2023-41179", "state": "PUBLISHED", "dateUpdated": "2024-09-25T14:39:44.648Z", "dateReserved": "2023-08-24T14:57:42.645Z", "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "datePublished": "2023-09-19T13:44:57.831Z", "assignerShortName": "trendmicro"}, "dataVersion": "5.1"}

{"cisaActionDue": "2023-10-12", "cisaExploitAdd": "2023-09-21", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*", "matchCriteriaId": "AF019D2D-C426-4D2D-A254-442CE777B41E", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:*", "matchCriteriaId": "8FA15535-6AC8-4062-BE7B-CD545B7516E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "FFCE8717-85D2-4F4F-91DF-C6DA341C4E19", "vulnerable": true}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security_services:-:*:*:*:saas:*:*:*", "matchCriteriaId": "25F873F7-FC62-4234-99EE-E3BDEBB36C2A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.\r\n\r\nNote that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad en el m\u00f3dulo de desinstalaci\u00f3n AV de terceros contenido en Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security y Worry-Free Business Security Services podr\u00eda permitir a un atacante manipular el m\u00f3dulo para ejecutar comandos arbitrarios afectando la instalaci\u00f3n. Tenga en cuenta que un atacante primero debe obtener acceso a la consola administrativa en el sistema de destino para poder aprovechar esta vulnerabilidad."}], "id": "CVE-2023-41179", "lastModified": "2024-11-29T14:33:04.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-09-19T14:15:21.343", "references": [{"source": "security@trendmicro.com", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU90967486/"}, {"source": "security@trendmicro.com", "tags": ["Broken Link"], "url": "https://success.trendmicro.com/jp/solution/000294706"}, {"source": "security@trendmicro.com", "tags": ["Broken Link"], "url": "https://success.trendmicro.com/solution/000294994"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU90967486/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://success.trendmicro.com/jp/solution/000294706"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://success.trendmicro.com/solution/000294994"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}