CVE-2023-32553: 
Trend Micro Apex One Agent vulnerability analysis and mitigation

CVE-2023-32553 is an improper access control vulnerability affecting Trend Micro Apex One and Apex One as a Service. The vulnerability was discovered on September 30, 2022, and publicly disclosed on May 17, 2023. The affected systems include Apex One 2019 and Apex One as a Service versions prior to April 2023 Maintenance running on Windows platforms (ZDI Advisory, Trend Advisory).

The vulnerability stems from improper access control within the web console. It has been assigned a CVSS v3.1 base score of 5.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, indicating that it can be exploited remotely without requiring privileges or user interaction (NVD). The issue is classified under CWE-346 (Origin Validation Error) (NVD).

When exploited, this vulnerability allows remote attackers to disclose sensitive information from affected installations of Trend Micro Apex One. The attack does not require authentication to exploit, potentially exposing sensitive agent information (ZDI Advisory).

Trend Micro has released patches to address this vulnerability. For Apex One as a Service, users should update to the April 2023 Maintenance Hotfix (Build 202304) with Security Agent version 14.0.12105. Additionally, specific configuration settings need to be implemented on the Apex One console, including enabling Client Authentication Checksum (CAC) security for Security Agent verification (Trend Advisory).