Platform
trendmicro
Component
trend-micro-apex-one
Fixed in
14.0.0.13140
14.0.14203
CVE-2024-55632 describes a security agent link following vulnerability within Trend Micro Apex One. This flaw allows a local attacker to escalate privileges, potentially gaining unauthorized access and control over the system. The vulnerability affects versions 14.0 through 14.0.14203. A fix is available in version 14.0.14203.
Successful exploitation of CVE-2024-55632 allows an attacker who already possesses the ability to execute low-privileged code on a system to escalate their privileges. This means an attacker could potentially gain SYSTEM-level access, allowing them to install malware, modify system configurations, steal sensitive data, or disrupt operations. The impact is significant as it bypasses standard access controls and grants the attacker near-complete control over the compromised machine. This vulnerability is particularly concerning in environments where Apex One is deployed as a primary endpoint security solution, as a successful attack could compromise the entire endpoint.
CVE-2024-55632 was publicly disclosed on December 31, 2024. The vulnerability requires an attacker to already have low-privileged code execution, which limits the immediate exploitability. There are currently no publicly available proof-of-concept exploits. The EPSS score is pending evaluation, but the requirement for initial code execution suggests a medium probability of exploitation.
Exploit Status
EPSS
0.07% (21% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-55632 is to upgrade Trend Micro Apex One to version 14.0.14203 or later. If immediate upgrading is not possible, consider implementing stricter access controls and monitoring for suspicious activity. Review existing security policies to ensure they limit the ability of low-privileged users to execute code. While a direct workaround isn't available, regularly scanning systems for unauthorized processes and unusual network connections can help detect potential exploitation attempts. After upgrade, confirm by verifying the Apex One version is 14.0.14203 or higher via the Apex One console.
Update Trend Micro Apex One to the latest available version. Consult the Trend Micro website for specific update instructions for your version.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-55632 is a vulnerability in Trend Micro Apex One versions 14.0–14.0.14203 that allows a local attacker with low-privileged code execution to escalate their privileges, potentially gaining full control of the system.
You are affected if you are running Trend Micro Apex One versions 14.0 through 14.0.14203 and have not upgraded to a patched version.
Upgrade Trend Micro Apex One to version 14.0.14203 or later to remediate the vulnerability. If immediate upgrade is not possible, implement stricter access controls and monitor for suspicious activity.
Currently, there are no publicly available proof-of-concept exploits, but the vulnerability's potential impact warrants proactive mitigation.
Refer to the official Trend Micro security advisory for CVE-2024-55632 on the Trend Micro website (search for CVE-2024-55632 on their security bulletins page).
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.