CVE-2022-26871
9.8CRITICALAn arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Published: 3/29/2022Updated: 12/22/2025
CISA Known Exploited Vulnerability
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.
Required Action:
Apply updates per vendor instructions.
Due Date:
2022-04-21
Description
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
AI AnalysisPowered by AI
Affected Products
trendmicroapex_central
2019
trendmicroapex_one
-
References
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435Vendor Advisory
- https://jvn.jp/vu/JVNVU99107357Third Party AdvisoryVDB Entry
- https://success.trendmicro.com/jp/solution/000290660MitigationPatchVendor Advisory
- https://success.trendmicro.com/solution/000290678MitigationPatchVendor Advisory
- https://www.jpcert.or.jp/english/at/2022/at220008.htmlThird Party AdvisoryVDB Entry
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871US Government Resource