Trend Micro Reports Hacker Attacks on Apex One EDR Using Two Zero-Day Vulnerabilities
The vulnerabilities were used together to upload malicious code to Apex One and escalate privileges to take control of the host system.
Cybersecurity company Trend Micro reported that earlier this year, hackers tried to exploit two zero-day vulnerabilities in its Apex One EDR platform in order to gain access to its clients.
Although details of the attacks were not disclosed, both vulnerabilities were patched by the manufacturer late last month.
The two zero-day vulnerabilities were used together in a chain of exploits to upload malicious code to the Apex One platform and escalate privileges to take control of the host system, Trend Micro reported.
The vulnerabilities are:
CVE-2021-36741: arbitrary file upload;
CVE-2021-36742: local privilege escalation.
Trend Micro strongly recommends that Apex One users update their systems to the latest versions. According to the manufacturer, the patches apply to both the on-premises and cloud (SaaS) versions of Apex One.
These are the fifth and sixth zero-day vulnerabilities in Trend Micro products exploited by hackers in 2020-21. The previous three zero-day vulnerabilities:
CVE-2019-18187: discovered in January 2020 and exploited by Chinese hackers in the Mitsubishi Electric attack.
CVE-2020-8467 and CVE-2020-8468: disclosed May 2020.
CVE-2020-24557: disclosed April 2021.
Trend Micro has never before disclosed details of attacks exploiting its products, so there will likely be no details this time either.