SECURITY BULLETIN: Arbitrary File Overwrite in Trend Micro VPN

You’re offline. This is a read only version of the page.

🔍 Discover the added advantages of Trend Micro Premium Services and see how they can enhance your Trend Micro experience and protection. Explore your options here.

Views:

Release Date: July 06, 2024

Trend Micro Vulnerability Identifier: CVE-2024-41183

Platform(s):Windows 10 22H2 version or higher

Summary

Trend Micro has released a new version of Trend Micro VPN. This update addresses a vulnerability that previously allowed local privilege escalation under special circumstances due to vulnerable logging functionality exposed to standard users.

Affected version(s)

PRODUCT	AFFECTED VERSION(S)	PLATFORM	LANGUAGE(S)
Trend Micro VPN	5.8.1012 and below	Windows 10 22H2	English

Solution

PRODUCT	UPDATED VERSION(S)	PLATFORM	LANGUAGE(S)
Trend Micro VPN	5.8.1030	Windows	English

Vulnerability Details

Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.

Trend Micro has received no reports nor is aware of any actual attacks against the affected products related to this vulnerability at this time.

Mitigating Factors

None identified. Customers are advised to ensure they always have the latest version of the program.

Acknowledgement

Trend Micro would like to thank Hashim Jawad (@ihack4falafel) working with Trend Micro’s Zero Day Initiative (ZDI) for responsibly disclosing this issue and working with Trend Micro to help protect our customers.

External Reference

ZDI-CAN-22716
ZDI-CAN-22717

Keywords: SECURITY BULLETIN: Arbitrary File Overwrite in Trend Micro VPN Proxy One Pro, trend micro vpn

This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.

LAST UPDATED: JUL 06, 2024

Release Date: July 06, 2024

Trend Micro Vulnerability Identifier: CVE-2024-41183

Platform(s):Windows 10 22H2 version or higher

Summary

Affected version(s)

PRODUCT	AFFECTED VERSION(S)	PLATFORM	LANGUAGE(S)
Trend Micro VPN	5.8.1012 and below	Windows 10 22H2	English

Solution

PRODUCT	UPDATED VERSION(S)	PLATFORM	LANGUAGE(S)
Trend Micro VPN	5.8.1030	Windows	English

Vulnerability Details

Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.

Trend Micro has received no reports nor is aware of any actual attacks against the affected products related to this vulnerability at this time.

Mitigating Factors

None identified. Customers are advised to ensure they always have the latest version of the program.

Acknowledgement

External Reference

ZDI-CAN-22716
ZDI-CAN-22717

How helpful was this article?

It was very unhelpful.
It wasn't helpful at all.
It was not helpful.
Somewhat helpful.
Just okay.
Just okay.
It was helpful.
It was somewhat helpful.
It was very helpful.
It was helpful.

Thank you for your feedback!

Feedback entity isn't available at the moment. Try again later.

🌟 Get Uninterrupted Support When You Need It Most 🌟

SECURITY BULLETIN: Arbitrary File Overwrite in Trend Micro VPN

Summary

Affected version(s)

Solution

Vulnerability Details

Mitigating Factors

Acknowledgement

External Reference

Modal header

Summary

Affected version(s)

Solution

Vulnerability Details

Mitigating Factors

Acknowledgement

External Reference