CVE-2022-24680

24.02.2022, 03:15

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Link Following

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.8 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
trendmicro	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 14%

Vendor	Product	Version
trendmicro	apex_one	-
trendmicro	worry-free_business_security	10.0:sp1
trendmicro	worry-free_business_security_services	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-59 - Improper Link Resolution Before File Access ('Link Following')
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References

https://success.trendmicro.com/solution/000290464

https://success.trendmicro.com/solution/000290486

https://www.zerodayinitiative.com/advisories/ZDI-22-369/

https://success.trendmicro.com/solution/000290464

https://success.trendmicro.com/solution/000290486

https://www.zerodayinitiative.com/advisories/ZDI-22-369/