Critical Zero-Day Alarm on Trend Micro Apex One

Security solutions provider Trend Micro has released security updates regarding a zero-day vulnerability identified in Apex One and Apex One SaaS endpoint security solutions that is known to be actively exploited by threat actors.

The security vulnerability with code CVE-2022-40139 is caused by incorrect input validation in the application’s Rollback function. An authenticated remote user with access to the Admin console could exploit the security vulnerability to force Agents to download unverified malicious Rollback components.

In addition to the CVE-2022-40139 vulnerability, Trend Micro has also fixed several medium-risk security issues (CVE-2022-40141, CVE-2022-40144). The first vulnerability (CVE-2022-40141) allows threat actors to access sensitive data. The second (CVE-2022-40144) allows remote threat actors to bypass authentication checks and gain unauthorized access to the application.

Users using Trend Micro Apex One and Apex One SaaS 2019 versions are recommended to immediately apply the published updates in order not to be the target of attacks that can be carried out using these vulnerabilities.