EUVD-2026-31279
GHSA-v27h-98f7-4563
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionNVD
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AnalysisAI
Local privilege escalation in Trend Micro Apex One and Apex One as a Service allows an authenticated low-privileged user to elevate to higher privileges by abusing an origin validation flaw in one of the agent's process protection communication mechanisms. No public exploit identified at time of analysis, but the vulnerability is companion to CVE-2026-45206 in a parallel code path, which suggests the underlying class of issue is actively being researched by Trend Micro's own team.
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
24 hours: Inventory all Trend Micro Apex One and Apex One as a Service instances; retrieve applicable patch version from Trend Micro security advisory. 7 days: Deploy patch to test and staging environments; validate system functionality and monitoring integration. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today