A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2023-03-07T22:19:52.381Z

Updated: 2024-08-02T11:18:35.772Z

Reserved: 2023-02-03T15:46:02.643Z

Link: CVE-2023-25146

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-03-10T21:15:15.140

Modified: 2024-11-21T07:49:11.830

Link: CVE-2023-25146

cve-icon Redhat

No data.