CVE-2024-58105
Published: 25 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2024-58105 is a vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager that could allow a local attacker to bypass existing security controls and execute arbitrary code on affected installations. This issue addresses an additional bypass not covered in CVE-2024-58104 and is associated with CWE-286 (Missing Authorization). The vulnerability has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
To exploit this vulnerability, an attacker must first obtain the ability to execute low-privileged code on the target system. A local attacker with low privileges (PR:L) and requiring user interaction (UI:R) can then leverage low attack complexity (AC:L) to bypass security mechanisms, achieving arbitrary code execution with high impacts to confidentiality, integrity, and availability.
The Trend Micro advisory provides details on mitigation and patches at https://success.trendmicro.com/en-US/solution/KA-0018217.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Local low-privileged attacker bypasses security controls (missing authorization) to achieve arbitrary code execution with high impact, directly enabling exploitation for privilege escalation.