Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability

Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability

Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks.
Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that’s bundled along with the software. The complete list of impacted products is as follows –
Trend Micro said that a successful exploitation of the flaw could allow an attacker to manipulate the component to execute arbitrary commands on an affected installation. However, it requires that the adversary already has administrative console access on the target system.
The company also warned that it has “observed at least one active attempt of potential exploitation of this vulnerability in the wild,” making it essential that users move quickly to apply the patches.
As a workaround, it’s recommending that customers limit access to the product’s administration console to trusted networks.
The development comes as the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added nine flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild –
It’s worth noting that a fifth flaw impacting Owl Labs Meeting Owl (CVE-2022-31460, CVSS score: 7.4), a case of hard-coded credentials, was previously added to the KEV catalog on June 8, 2022, merely days after Modzero disclosed details of the flaws.
Ready to tackle new AI-driven cybersecurity challenges? Join our insightful webinar with Zscaler to address the growing threat of generative AI in cybersecurity.
“By exploiting the vulnerabilities[…], an attacker can find registered devices, their data, and owners from around the world,” the Swiss security consultancy firm said at the time.
“Attackers can also access confidential screenshots of whiteboards or use the Owl to get access to the owner’s network. The PIN protection, which protects the Owl from unauthorized use, can be circumvented by an attacker by (at least) four different approaches.”
Even more troublingly, the devices can be turned into rogue wireless network gateways to a local corporate network remotely via Bluetooth by arbitrary users and can be abused to act as a backdoor to owners’ local networks. It’s currently not known how these vulnerabilities are exploited in the wild.
The security weakness impacting MinIO has come under abuse in recent months, with Security Joes revealing that an unnamed threat actor is exploiting it in conjunction with CVE-2023-28432 (CVSS score: 7.5) to achieve unauthorized code execution on susceptible servers and drop follow-on payloads.
Sign up for free and start receiving your daily dose of cybersecurity news, insights and tips.

source