{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2022-41744","assignerOrgId":"7f7bd7df-cffe-4fdb-ab6d-859363b89272","assignerShortName":"trendmicro","dateUpdated":"2024-08-03T12:49:43.722Z","dateReserved":"2022-09-28T00:00:00.000Z","datePublished":"2022-10-10T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"7f7bd7df-cffe-4fdb-ab6d-859363b89272","shortName":"trendmicro","dateUpdated":"2022-10-10T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."}],"affected":[{"vendor":"Trend Micro","product":"Trend Micro Apex One","versions":[{"version":"2019 (on-prem) and SaaS","status":"affected"}]}],"references":[{"url":"https://success.trendmicro.com/solution/000291645"},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-1404/"}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Time-of-Check Time-of-Use LPE"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T12:49:43.722Z"},"title":"CVE Program Container","references":[{"url":"https://success.trendmicro.com/solution/000291645","tags":["x_transferred"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-22-1404/","tags":["x_transferred"]}]}]}}