CVE-2026-34927
Privilege Escalation in Apex One/SEP Agent
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: Trend Micro, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| trendmicro | apex_one | * |
| trendmicro | sep | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-346 | The product does not properly verify that the source of data or communication is valid. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an origin validation flaw in the Apex One/SEP agent software. It allows a local attacker, who already has the ability to run low-privileged code on the affected system, to escalate their privileges. Essentially, the attacker can gain higher-level access than initially permitted by exploiting this weakness.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should ensure that you have updated to the latest versions of Apex One (on-premise) and Apex One as a Service, as well as Vision One - Standard Endpoint Protection (SEP), as released by Trend Micro.
Since exploitation requires prior ability to execute low-privileged code, restricting such access and applying principle of least privilege can help reduce risk.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker with limited access to gain elevated privileges on the system. This means the attacker could potentially perform actions that require higher permissions, such as modifying system settings, accessing sensitive data, or installing malicious software, thereby compromising the security and integrity of the affected system.