Detections
Analytics

Trend Micro Apex One < SP1 (b17079) Multiple Vulnerabilities (KA-0023430)

high Nessus Plugin ID 316481

Synopsis

The remote Windows host is running an application that is affected by multiple vulnerabilities.

Description

According to its self-reported version, the Trend Micro application running on the remote Windows host is Apex One prior to SP1 (Server Build 17079 and Agent Build 17079). It is, therefore, affected by multiple vulnerabilities, including:

 - A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker to modify a key table on the server to inject malicious code to deploy to agents on affected installations. (CVE-2026-34926)

 - An origin validation vulnerability in the Apex One agent could allow a local attacker to escalate privileges on affected installations. (CVE-2026-34927)

 - A time-of-check time-of-use vulnerability in the Apex One agent could allow a local attacker to escalate privileges on affected installations. (CVE-2026-45208)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Apex One SP1 (b17079/17079) or later.

See Also

https://success.trendmicro.com/en-US/solution/KA-0023430

Plugin Details

Severity: High

ID: 316481

File Name: trendmicro_apex_one_KA-0023430.nasl

Version: 1.1

Type: Local

Agent: windows

Family: Windows

Published: 5/22/2026

Updated: 5/22/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.5

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2026-34927

CVSS v3

Risk Factor: High

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:trendmicro:apex_one

Required KB Items: installed_sw/Trend Micro Apex One

Patch Publication Date: 5/21/2026

Vulnerability Publication Date: 5/21/2026

Reference Information

CVE: CVE-2026-34926, CVE-2026-34927, CVE-2026-34928, CVE-2026-34929, CVE-2026-34930, CVE-2026-45206, CVE-2026-45207, CVE-2026-45208

IAVA: 2026-A-0504