CVE-2023-41179

Confirmed PUBLISHED

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and...

Trend Micro, Inc. · Trend Micro Apex One, Trend Micro Worry-Free Business Security, Trend Micro Worry-Free Business Security Services
Exploited in the wild

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
Confirmed
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
In CISA KEV
CVSS / EPSS
7.2 High

At a Glance

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

cisa nessus_scanner
CVE Published
Sep 19, 2023
Exploitation Reported
Sep 21, 2023
CVSS
7.2 High
EPSS
Remote Low complexity No user interaction

Affected Versions

Vendor Product Version Status
trendmicro
apex_one

2019

Affected
trendmicro
worry-free_business_security

10.0

Affected
trendmicro
worry-free_business_security_services

0 to < *

Affected
trendmicro
apex_one

2019

Affected
Trend Micro, Inc.
Trend Micro Apex One

2019 (14.0) to < 14.0.0.12380

Affected
Trend Micro, Inc.
Trend Micro Apex One

SaaS to < 14.0.12637

Affected
Trend Micro, Inc.
Trend Micro Worry-Free Business Security

10.0 SP1 to < 10.0 SP1 Build 2495

Affected
Trend Micro, Inc.
Trend Micro Worry-Free Business Security Services

SaaS to < 6.7.3578 / 14.3.1105

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.