Aiming to protect from malware, Trend Micro warns against cyber-attacks by cyber threat actors by exploiting vulnerabilities in the Apex One, Apex One as a Service and OfficeScan product lines.

Trend Micro announced that a threat actor is actively exploiting a flaw tracked as CVE-2020-24557 in their antivirus solution to gain administrator rights on Windows systems. The CVE-2020-24557 vulnerability affects Apex One and OfficeScan XG enterprise security products. The vulnerability can be exploited by an attacker to increase privileges and run code in the SYSTEM context. Additionally, he stated that this flaw could be exploited by an attacker to manipulate a particular product folder to temporarily disable security, abuse a particular Windows functionality, and gain privilege escalation.

Thanks to the vulnerability, if the attacker successfully exploits the vulnerability; It can enable them to disable security products, elevate privileges, and take advantage of certain Windows features.

Update 04/23: On Thursday, Trend Micro announced that systems were being targeted with the high severity vulnerability. Trend Micro continues to apply patches released in August 2020 to all users.

Affected products and versions are:

-Trend Micro Apex One 2019 before Build 8422
– Trend Micro Apex One as a Service before Build 202008
– OfficeScan prior to XG SP1 Build 5702

Source:
trendmicro.com
jpcert.or.jp

---