Trend Micro Apex One and Apex One as a Service Improper Validation Vulnerability

Added Sept. 15, 2022 • Due Oct. 6, 2022 • CVE-2022-40139

Overdue Trend Micro / Apex One and Apex One as a Service CWE-353 CWE-641

Description

Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

Required Action

Apply updates per vendor instructions.

References

https://success.trendmicro.com/dcx/s/solution/000291528?language=en_US
https://nvd.nist.gov/vuln/detail/CVE-2022-40139

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 5 months, 1 week ago