CVE-2022-40141: 
Trend Micro Apex One Agent vulnerability analysis and mitigation

A vulnerability was identified in Trend Micro Apex One and Apex One as a Service (CVE-2022-40141) that could allow an attacker to intercept and decode certain communication strings containing identification attributes of a particular Apex One server. The vulnerability was disclosed on September 6, 2022, affecting Apex One versions prior to SP1 (b11092/11088) and Apex One SaaS installations without the August 2022 monthly update (CERT-FR, CVE-MITRE).

The vulnerability has been assigned a CVSS score of 5.6, categorizing it as a medium severity information disclosure vulnerability. This security flaw was part of a larger security update that addressed multiple vulnerabilities in the Trend Micro Apex One platform (SOCRadar).

The vulnerability could potentially expose sensitive information by allowing attackers to intercept and decode communication strings that contain identification attributes of an Apex One server, potentially compromising the confidentiality of system information (CVE-MITRE).

Trend Micro has released patches to address this vulnerability. Users are advised to update their installations to Apex One Service Pack 1 (Server Build 11092 and Agent Build 11088). For Apex One SaaS users, the August 2022 monthly update contains the necessary fixes (CERT-FR).