Trend Micro Apex Central Arbitrary File Upload Remote Code Execution (RCE) Vulnerability
- CVE-2022-26871
- CVE-2022-26871
- CVSS- 8.6
Sources
Trend Micro: https://success.trendmicro.com/dcx/s/solution/000290678?language=en_US
Risks
Unpatched (on-premise) Trend Micro Apex Central systems will not properly check for file contents.
Trend Micro notes that the “(updated) SaaS version has already been deployed on the backend and no further action is required from SaaS customers on this issue.”
Description
Trend Micro Apex Central is a web-based console that provides centralized management for Trend Micro products and services and provides a single monitoring point for antivirus and content security products and services throughout the network.
On the 29th of March 2022, Trend Micro published a security bulletin detailing the existence of an arbitrary file upload weakness, which if exploited, could lead to unauthenticated remote code execution.
Due to Trend Micro having observed active attempts of exploitation, organisations using on-premise deployments of Trend Micro Apex Central are strongly encouraged to update to the latest build as soon as possible.
Recommended Actions
Trend Micro notes that in addition to timely patching/updating of vulnerable systems, “customers are also advised to review remote access to critical systems and ensure policies and perimeter security is up-to-date.”