CVE-2024-58105
HIGHDescription
A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE address an addtional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Is your site exposed to CVE-2024-58105?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| trendmicro | apex_one |
| trendmicro | apex_one |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-58105? +
How severe is CVE-2024-58105? +
What products are affected by CVE-2024-58105? +
How do I check if I'm vulnerable to CVE-2024-58105? +
Related Vulnerabilities
An issue discovered in CS-Cart MultiVendor 4.16.1 allows attackers to alter arbitrary user account profiles via crafted post request.
Weblate is a web based localization tool. In versions prior to 5.15, it was possible to accept an invitation opened …
A security issue exists within the FactoryTalk Linx Network Browser. By modifying the process.env.NODE_ENV to ‘development’, the attacker can disable …
An escalation of privilege vulnerability in ASPECT could provide an attacker root access to a server when logged in as …
phpMyFAQ is an open source FAQ web application. Versions 4.0-nightly-2025-10-03 and below do not enforce uniqueness of email addresses during …
A user/password reuse vulnerability exists in the FOXMAN-UN/UNEM application and server management. If exploited a malicious high-privileged user could use …