CVE-2024-48904
Published: 22 October 2024
Summary
CVE-2024-48904 is a critical-severity Command Injection (CWE-77) vulnerability in Trend Micro Cloud Edge. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 8.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2024-48904 is a command injection vulnerability, tracked under CWE-77, that affects Trend Micro Cloud Edge appliances. The flaw permits unauthenticated remote attackers to inject and execute operating system commands, resulting in arbitrary code execution on the target device. It carries a CVSS 3.1 base score of 9.8, reflecting a network attack vector, low attack complexity, and no required privileges or user interaction.
An attacker with network access to an exposed Cloud Edge appliance can send specially crafted requests that are processed without authentication, enabling full compromise of the appliance, with impact on confidentiality, integrity, and availability.
The vendor advisory at https://success.trendmicro.com/en-US/solution/KA-0017998 and the Zero Day Initiative advisory ZDI-24-1418 contain mitigation guidance and patch information for affected versions.
EPSS for the CVE rose from a low baseline to a peak of 0.1509 before receding to the current value of 0.0725, indicating a period of increased exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2024-43130
Vulnerability details
A command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances. Please note: authentication is not required in order to exploit this vulnerability.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.