Trend Micro has released an urgent security patch for its Apex Central management tool after discovering multiple vulnerabilities. These flaws could allow hackers to take control of affected systems without needing to log in. The issues were identified by security firm Tenable and impact all on-premises versions of Apex Central older than build 7190.

Severe Vulnerability Could Let Hackers Run Malicious Code

The most serious flaw, rated 9.8 out of 10, involves a vulnerability in how Apex Central loads libraries. An attacker could exploit this by sending a specially crafted message to the server, causing it to load a malicious DLL file. This could result in the attacker executing code with the highest system privileges, which is a big risk for organizations.

Expert Erik Avakian from Info-Tech Research Group explained that the vulnerability stems from how the software’s background services handle network messages. Since the service accepts messages from anyone on the network and loads DLLs without proper validation, an attacker can trick it into executing malicious code. This could happen without requiring user login or direct access to the server.

Remote Takeover and High Privileges Make the Flaw Dangerous

The flaw is especially dangerous because it allows attackers to control the server remotely by simply hosting a malicious DLL somewhere on the network. The server, when instructed, will load this DLL automatically, running the attacker’s code with SYSTEM privileges. This level of access enables the attacker to modify files, disable security features, or create new user accounts, making it a serious threat.

What makes this even more concerning is that the vulnerability appears to have existed for some time. The security advisory indicates that it was present in older versions and was only recently discovered. Trend Micro has confirmed that the flaw is not new or caused by recent updates, suggesting it’s a long-standing issue that needed urgent attention.

Other Security Issues and the Need for Immediate Action

In addition to the critical flaw, Trend Micro’s bulletin mentions two other high-severity vulnerabilities. Both of these issues can be exploited without requiring authentication, further increasing the risk for organizations running outdated versions of Apex Central.

As of now, neither Trend Micro nor Tenable have provided detailed comments on the vulnerabilities. However, experts recommend that users update to the latest build immediately to mitigate the risk and prevent potential breaches.

Organizations using Apex Central should review their systems and apply the patch as soon as possible. Failing to do so could leave their networks exposed to remote attacks that can cause widespread damage or data breaches.

Inspired by

• https://www.computerworld.com/article/4115156/trend-micro-patches-critical-flaws-in-its-apex-central-software-2.html

Sources

• tenable.com
• trendmicro.com
• infotech.com
• csoonline.com