Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

CVE-2022-40139: Vulnerability in Trend Micro Apex One Exploited in the Wild

CVE-2022-40139: Vulnerability in Trend Micro Apex One Exploited in the Wild

Trend Micro has patched six vulnerabilities in its Apex One on-prem and software-as-a-service products, one of which has been exploited in the wild.

Background

On September 2, Trend Micro released an advisory for several vulnerabilities in its Apex One and Apex One software-as-a-service (SaaS) products which are used for agent-based threat detection and response.

CVE Description CVSSv3
CVE-2022-40139 Improper validation vulnerability in rollback functionality component 7.2
CVE-2022-40140 Source validation error vulnerability leading to denial of service 5.5
CVE-2022-40141 Information disclosure vulnerability 5.6
CVE-2022-40142 Agent link interpretation vulnerability leading to privilege escalation 7.8
CVE-2022-40143 Link interpretation vulnerability leading to privilege escalation 7.3
CVE-2022-40144 Login authentication bypass vulnerability 8.2

There is a fairly robust history of Apex One zero days. A little over a year ago, Trend Micro disclosed reports of two other zero days: CVE-2021-36741, an arbitrary file upload vulnerability, and CVE-2021-36742, a local privilege escalation. The Cybersecurity and Infrastructure Security Agency lists six vulnerabilities in Apex One in its Catalog of Known Exploited Vulnerabilities (KEV).

CVE Description CVSSv3
CVE-2020-8467 Remote code execution 8.8
CVE-2020-8468 Content validation escape 8.8
CVE-2020-24557 Privilege escalation 7.8
CVE-2020-8599 Arbitrary file upload vulnerability 9.8
CVE-2021-36742 Local privilege escalation (KEV lists as arbitrary file upload) 7.8
CVE-2021-36741 Arbitrary file upload vulnerability 8.8

Analysis

CVE-2022-40139 is an improper validation vulnerability in the “rollback” functionality which is used to revert Apex One agents to older versions. The vulnerability exists because Apex One agents are able download unverified components which could lead to code execution. While this vulnerability can only be exploited by an attacker with access to the Apex One administrative console, there have been reports of active exploitation.

It is also worth noting that other vulnerabilities patched in this release (and legacy vulnerabilities) could provide the administrative access required to exploit CVE-2022-40139. However, there is no indication that the other CVEs patched in this release have been exploited, yet.

Solution

The specific versions to resolve these vulnerabilities are listed below, though Trend Micro’s advisory notes that some of the vulnerabilities disclosed may have been patched in earlier releases for the SaaS product.

Vulnerable Product Updated version
Apex One 2019 for Windows On-Prem Apex One SP1 (b11092/11088)
Apex One (SaaS) for Windows August 2022 Monthly Patch(202208)

Identifying affected systems

A list of Tenable plugins to identify these vulnerabilities can be found here.

Get more information

Join Tenable's Security Response Team on the Tenable Community.

Learn more about Tenable, the first Cyber Exposure platform for holistic management of your modern attack surface.

Get a free 30-day trial of Tenable.io Vulnerability Management.

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Promotional pricing extended until December 31st.
Buy a multi-year license and save more.

Add Support and Training