CVE-2024-58105: 
Trend Micro Apex One Agent vulnerability analysis and mitigation

A vulnerability (CVE-2024-58105) has been identified in the Trend Micro Apex One Security Agent Plug-in User Interface Manager that could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This vulnerability is an additional bypass not covered in CVE-2024-58104. The vulnerability affects Trend Micro Apex One 2019 (On-prem) versions before build 13140 and Apex One as a Service versions before 202412 (Agent version 14.0.14203) (Trend Advisory).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.3 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-286 (Incorrect User Management). An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability (NVD).

If successfully exploited, this vulnerability allows an attacker to bypass existing security mechanisms and execute arbitrary code on affected installations with elevated privileges. The impact is significant as it affects both confidentiality, integrity, and availability of the system (Trend Advisory).

Trend Micro has released patches to address this vulnerability. Users of Apex One 2019 (On-prem) should upgrade to build 13140 or later, while Apex One as a Service users should upgrade to version 202412 (Agent version 14.0.14203) or later. Additionally, customers are advised to review remote access to critical systems and ensure policies and perimeter security are up-to-date (Trend Advisory).