A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE Status: Modified
Attribute | Value |
---|---|
Attack Complexity | HIGH |
Attack Vector | LOCAL |
Availability Impact | HIGH |
Base Score | 7 |
Base Severity | HIGH |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Privileges Required | LOW |
Scope | UNCHANGED |
User Interaction | NONE |
Vector String | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Exploitability Score | 1 |
Impact Score | 5.9 |
Source | [email protected] |
Type | Primary |