CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Oct 12, 2023

CVE-2023-41179

High

EPSS 2.3%CISA KEV

Trend Micro/Apex One and Worry-Free Business Security

Description

Trend Micro Apex One and Worry-Free Business Security contain an unspecified vulnerability in the third-party anti-virus uninstaller that could allow an attacker to manipulate the module to conduct remote code execution. An attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.

EPSS — Exploit Probability

2.3%

Higher than 84.6% of all CVEs

Required Action

https://success.trendmicro.com/dcx/s/solution/000294994?language=en_US ; https://nvd.nist.gov/vuln/detail/CVE-2023-41179

Risk Assessment

ELEVATED

In CISA KEV

Details

Severity: High
EPSS: 2.3%
CISA KEV: Yes
Ransomware: Unknown
Articles: 0

Timeline

Published

Sep 21, 2023

Added to KEV

Sep 21, 2023

Remediation Due

Oct 12, 2023

Affected Product

Trend Micro

Apex One and Worry-Free Business Security

View all Trend Micro CVEs

External Links

NVD (NIST)CVE Details MITRE CVE