CVE-2023-25144

High

7.8/10

Summary

An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Mar 10, 2023

CVE-2023-25144

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS