CVE-2024-58104
Published: 25 March 2025
Description
Adversaries may exploit vulnerabilities to evade detection by hiding activity, suppressing logging, or operating within trusted or unmonitored components.
Security Summary
CVE-2024-58104 is a vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager that could allow a local attacker to bypass existing security controls and execute arbitrary code on affected installations. Published on 2025-03-25, it carries a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H) and maps to CWE-269 (Improper Privilege Management).
Exploitation requires an attacker to first obtain the ability to execute low-privileged code on the target system, along with local access, low privileges, and user interaction. Successful exploitation enables arbitrary code execution, resulting in high impacts to confidentiality, integrity, and availability.
Trend Micro has published mitigation guidance in their advisory at https://success.trendmicro.com/en-US/solution/KA-0018217.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local vulnerability enabling bypass of security controls and arbitrary code execution due to improper privilege management directly maps to exploitation for privilege escalation (T1068) and defense evasion (T1211).