web
You’re offline. This is a read only version of the page.
close
Looking for business support?

Help Center

This website uses cookies for website functionality and traffic analytics. Our Cookie Notice provides more information and explains how to amend your cookie settings.

Learn More Yes, I agree

SECURITY BULLETIN: Trend Micro Antivirus One Safety Server Incorrect Permission Arbitrary Configuration Update Vulnerability

LAST UPDATED: SEP 06, 2024

Release Date: September 6, 2024

Trend Micro Vulnerability Identifier: CVE-2024-45334

Platform(s): Mac OS

CVSSv3 Scores: 5.4

Summary

Trend Micro has released an updated version of Antivirus One, a family of consumer products for macOS, which resolves a Safety Server Incorrect Permission Arbitrary Configuration Update vulnerability.

Affected version(s)

PRODUCT AFFECTED VERSION(S) PLATFORM LANGUAGE(S)
Trend Micro Antivirus One Version 3.10.4 macOS English

Solution

Trend Micro has released an update via ActiveUpdate that resolves the issue.

PRODUCT UPDATED VERSION(S) PLATFORM LANGUAGE(S)
Trend Micro Antivirus One Version 3.10.6 or higher macOS English

Vulnerability Details

Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.

Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.

Mitigating Factors

It is recommended to update to the latest version of the product.

Additional Assistance

Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.

External Reference

  • ZDI-CAN-24181
How helpful was this article?
STAY SAFE FROM SCAMS!

Discover the latest scam tricks, how to spot them, and how to block them.