Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-39753

CVSS 7.5 · High EPSS 9.33% · P93
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-39753

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Trend Micro Apex One和Trend Micro Apex One as a Service 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Trend Micro Apex One和Trend Micro Apex One as a Service都是美国趋势科技(Trend Micro)公司的产品。Trend Micro Apex One是一款终端防护软件。Trend Micro Apex One as a Service是一种增强型端点安全解决方案。 Trend Micro Apex One和Trend Micro Apex One as a Service存在安全漏洞,该漏洞源于存在SQL注入漏洞,允许远程攻击者在受影响的安装上执行任意
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Trend Micro, Inc.Trend Micro Apex One 2019 (14.0) ~ 14.0.0.12980 -
Trend Micro, Inc.Trend Micro Apex One as a Service SaaS ~ 14.0.13139 -

II. Public POCs for CVE-2024-39753

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-39753

登录查看更多情报信息。

Same Patch Batch · Trend Micro, Inc. · 2024-10-22 · 8 CVEs total

CVE-2024-489049.8 CRITICALTrend Micro Cloud Edge 安全漏洞
CVE-2024-453358.4 HIGHTrend Micro Antivirus One 安全漏洞
CVE-2024-489037.8 HIGHTrend Micro Deep Security Agent 安全漏洞
CVE-2024-453347.8 HIGHTrend Micro Antivirus One 安全漏洞
CVE-2024-411837.8 HIGHTrend Micro VPN 安全漏洞
CVE-2024-469036.5 MEDIUMTrend Micro Deep Discovery Inspector 安全漏洞
CVE-2024-469024.9 MEDIUMTrend Micro Deep Discovery Inspector 安全漏洞

IV. Related Vulnerabilities

Same product: Trend Micro Apex One
Same vendor: Trend Micro, Inc.

V. Comments for CVE-2024-39753

No comments yet

Leave a comment