HIGH | CVE-2024-55632 | CVSS 7.8

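A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.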

Platform

trendmicro

Component

trend-micro-apex-one

Fixed versions

14.0.0.13140

14.0.14203

AI Confidence: medium | NVD | EPSS 0.1% | Reviewed: May 2026

CVE-2024-55632 describes a security agent link following vulnerability within Trend Micro Apex One. This flaw allows a local attacker to escalate privileges, potentially gaining unauthorized access and control over the system. The vulnerability affects versions 14.0 through 14.0.14203. A fix is available in version 14.0.14203.

Impact and attack scenarios

Successful exploitation of CVE-2024-55632 allows an attacker who already possesses the ability to execute low-privileged code on a system to escalate their privileges. This means an attacker could potentially gain SYSTEM-level access, allowing them to install malware, modify system configurations, steal sensitive data, or disrupt operations. The impact is significant as it bypasses standard access controls and grants the attacker near-complete control over the compromised machine. This vulnerability is particularly concerning in environments where Apex One is deployed as a primary endpoint security solution, as a successful attack could compromise the entire endpoint.

Exploitation context

CVE-2024-55632 was publicly disclosed on December 31, 2024. The vulnerability requires an attacker to already have low-privileged code execution, which limits the immediate exploitability. There are currently no publicly available proof-of-concept exploits. The EPSS score is pending evaluation, but the requirement for initial code execution suggests a medium probability of exploitation.

Who is at risk

Organizations heavily reliant on Trend Micro Apex One for endpoint security are at significant risk. Environments with weak access controls or where low-privileged users have broad permissions are particularly vulnerable. Shared hosting environments utilizing Apex One should also be assessed for potential impact.

Detection steps

• windows / supply-chain:

Get-Process -Name ApexOne | Select-Object -ExpandProperty Path

• windows / supply-chain:

Get-WinEvent -FilterHashtable @{ LogName = 'Application'; ProviderName = 'Trend Micro Apex One'; Id = 1001 }

• windows / supply-chain:

Get-ScheduledTask | Where-Object {$_.TaskName -like '*ApexOne*'}

Attack timeline

  1. Disclosure

    disclosure

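Threat intelligence

Exploitation status

Proof of concept: unknown
CISA KEV: NO
Internet exposure

EPSS

0.07% (21st percentile)

CISA SSVC

Exploitation: none
Automatable: no
Technical impact: total

CVSS vector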

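Threat intelligence · CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (7.8 HIGH)
Attack Vector: Local (how the attacker reaches the target)
Attack Complexity: Low (conditions required to exploit the vulnerability)
Privileges Required: Low (level of authentication the attack requires)
User Interaction: None (whether the victim must take action)
Scope: Unchanged (impact beyond the affected component)
Confidentiality: High (risk of sensitive data disclosure)
Integrity: High (risk of unauthorized data modification)
Availability: High (risk of service disruption)
nextguardhq.com · CVSS v3.1 base score

What do these metrics mean?
Attack Vector
Local: the attacker needs a local session or shell on the system.
Attack Complexity
Low: no special conditions are required; the vulnerability can be exploited reliably.
Privileges Required
Low: any valid user account is sufficient.
User Interaction
None: the attack is automatic and silent; no action by the victim is needed.
Scope
Unchanged: the impact is limited to the vulnerable component itself.
Confidentiality
High: total loss of confidentiality; the attacker can read all data.
Integrity
High: the attacker can write, modify, or delete any data.
Availability
High: complete crash or resource exhaustion; total denial of service.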

Affected software

Component: trend-micro-apex-one
Vendor: Trend Micro, Inc.
Affected range: 2019 (14.0) – 14.0.0.13140; fixed version: 14.0.0.13140
Affected range: SaaS – 14.0.14203; fixed version: 14.0.14203

Weakness classification (CWE)

Timeline

  1. Reserved
  2. Published
  3. EPSS updated

Mitigations and workarounds

The primary mitigation for CVE-2024-55632 is to upgrade Trend Micro Apex One to version 14.0.14203 or later. If immediate upgrading is not possible, consider implementing stricter access controls and monitoring for suspicious activity. Review existing security policies to ensure they limit the ability of low-privileged users to execute code. While a direct workaround isn't available, regularly scanning systems for unauthorized processes and unusual network connections can help detect potential exploitation attempts. After upgrade, confirm by verifying the Apex One version is 14.0.14203 or higher via the Apex One console.

How to fix

Update Trend Micro Apex One to the latest available version. Consult the Trend Micro website for the update instructions specific to your version.


Frequently asked questions

What is CVE-2024-55632 — Privilege Escalation in Trend Micro Apex One?

CVE-2024-55632 is a vulnerability in Trend Micro Apex One versions 14.0–14.0.14203 that allows a local attacker with low-privileged code execution to escalate their privileges, potentially gaining full control of the system.

Am I affected by CVE-2024-55632 in Trend Micro Apex One?

You are affected if you are running Trend Micro Apex One versions 14.0 through 14.0.14203 and have not upgraded to a patched version.

How do I fix CVE-2024-55632 in Trend Micro Apex One?

Upgrade Trend Micro Apex One to version 14.0.14203 or later to remediate the vulnerability. If immediate upgrade is not possible, implement stricter access controls and monitor for suspicious activity.

Is CVE-2024-55632 being actively exploited?

Currently, there are no publicly available proof-of-concept exploits, but the vulnerability's potential impact warrants proactive mitigation.

Where can I find the official Trend Micro advisory for CVE-2024-55632?

Refer to the official Trend Micro security advisory for CVE-2024-55632 on the Trend Micro website (search for CVE-2024-55632 on their security bulletins page).
