Known as CVE-2023-41179, a serious zero-day vulnerability that affects Apex One, Apex One SaaS, and Worry-Free Business Security has been covered in an advisory from Trend Micro. The issue centers on “products’ ability to uninstall third-party security software” and can be used to execute arbitrary code.
The alert, which is published in Japanese, explains how, because the vulnerability can’t infiltrate a network on its own, an attacker would need access to a product’s administrative console and would have had to have stolen its management console authentication before the attack.