EUVD-2026-31285
GHSA-c93p-h3cc-p7rr
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AnalysisAI
Local privilege escalation in Trend Micro Apex One (on-premises 2019/14.0) and Apex One as a Service allows a low-privileged user already executing code on the host to elevate to higher privileges by abusing an origin validation weakness in the security agent. The flaw carries a CVSS 7.8 (local, low complexity) and no public exploit identified at time of analysis, but because the agent typically runs with SYSTEM-level rights, successful exploitation yields full host compromise. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all instances of Trend Micro Apex One (2019/14.0 and earlier) and prioritize systems in high-risk environments or supporting business-critical functions. Within 7 days: Test vendor-released patch (KA-0023430) in a non-production environment and communicate patching timeline to affected teams. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today