EUVD-2026-31280
GHSA-ff4m-qxjh-q4cw
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AnalysisAI
Local privilege escalation in Trend Micro Apex One and Apex One as a Service agents allows an attacker with low-privileged code execution to gain elevated rights by exploiting weak origin validation in an inter-process communication channel. No public exploit identified at time of analysis, but the flaw is a sibling to CVE-2026-34927 (different IPC mechanism in the same agent) which raises the likelihood of researcher and adversary interest. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all Apex One and Apex One as a Service deployments and confirm current versions via asset inventory. Within 7 days: Obtain Trend Micro security patches for affected versions (Apex One on-premises 2019 line 14.0 and SaaS offering) and deploy to non-production test environments to validate functionality and compatibility. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today