← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-40139 — Actively Exploited: Apex One and Apex One as a Service (Trend Micro)

Trend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.

CVE IDCVE-2022-40139
VendorTrend Micro
ProductApex One and Apex One as a Service
Vulnerability nameTrend Micro Apex One and Apex One as a Service Improper Validation Vulnerability
Date added2022-09-15
Remediation due2022-10-06
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionTrend Micro Apex One and Apex One as a Service contain an improper validation of rollback mechanism components that could lead to remote code execution.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →