CVE-2022-41747

HIGH Year: 2022
CVSS v3 Score
7.8
High
Weakness Type
CWE-295
View all →

Vulnerability Description

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Related Vulnerabilities

CVE-2018-10403

HIGH
CVSS:7.8(High)

An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/...

CWE-2952018

CVE-2018-10404

HIGH
CVSS:7.8(High)

An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not compl...

CWE-2952018

CVE-2018-10405

HIGH
CVSS:7.8(High)

An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal...

CWE-2952018

CVE-2018-10406

HIGH
CVSS:7.8(High)

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the u...

CWE-2952018

CVE-2018-10408

HIGH
CVSS:7.8(High)

An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of ...

CWE-2952018

CVE-2020-8289

HIGH
CVSS:7.8(High)

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where v...

CWE-2952020