CVE-2026-34927
Undergoing Analysis Undergoing Analysis - In Progress

Privilege Escalation in Apex One/SEP Agent

Vulnerability report for CVE-2026-34927, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-05-21

Last updated on: 2026-05-22

Assigner: Trend Micro, Inc.

Description

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-05-21
Last Modified
2026-05-22
Generated
2026-07-07
AI Q&A
2026-05-21
EPSS Evaluated
2026-07-06
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
trendmicro apex_one to 14.0.20731 (exc)
trendmicro apex_one to 14.0.0.17079 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-346 The product does not properly verify that the source of data or communication is valid.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, you should ensure that you have updated to the latest versions of Apex One (on-premise) and Apex One as a Service, as well as Vision One - Standard Endpoint Protection (SEP), as released by Trend Micro.

Since exploitation requires prior ability to execute low-privileged code, restricting such access and applying principle of least privilege can help reduce risk.

Executive Summary

This vulnerability is an origin validation flaw in the Apex One/SEP agent software. It allows a local attacker, who already has the ability to run low-privileged code on the affected system, to escalate their privileges. Essentially, the attacker can gain higher-level access than initially permitted by exploiting this weakness.

Impact Analysis

If exploited, this vulnerability can allow an attacker with limited access to gain elevated privileges on the system. This means the attacker could potentially perform actions that require higher permissions, such as modifying system settings, accessing sensitive data, or installing malicious software, thereby compromising the security and integrity of the affected system.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-34927. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart