CVE-2023-25143
Published: 10 March 2023
Summary
CVE-2023-25143 is a critical-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Trend Micro Apex One. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 16.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
An uncontrolled search path element vulnerability, tracked as CVE-2023-25143 and assigned CWE-427, affects the installer component of Trend Micro Apex One Server. The flaw carries a CVSS 3.1 score of 9.8 and permits remote code execution on affected installations when an attacker supplies a malicious executable in an uncontrolled search path.
Because the vulnerability is exploitable over the network with no authentication or user interaction required, an unauthenticated remote attacker can achieve arbitrary code execution with full confidentiality, integrity, and availability impact on the target server. Successful exploitation grants the attacker the ability to run code in the context of the installer process, potentially leading to complete compromise of the Apex One Server.
Trend Micro has published mitigation guidance in solution article 000292209, which addresses the affected installer. The EPSS score for this CVE rose from a low baseline to a peak of 0.0618 before receding to its current value of 0.0194, indicating a temporary increase in predicted exploitation likelihood after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-29121
Vulnerability details
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.