CVE-2026-34930
Undergoing Analysis Undergoing Analysis - In Progress
Privilege Escalation in Apex One/SEP Agent

Publication date: 2026-05-21

Last updated on: 2026-05-21

Assigner: Trend Micro, Inc.

Description
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-21
Last Modified
2026-05-21
Generated
2026-05-21
AI Q&A
2026-05-21
EPSS Evaluated
N/A
NVD
CVE-2026-34930
EUVD
EUVD-2026-31282
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
trendmicro apex_one *
trendmicro sep *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-346 The product does not properly verify that the source of data or communication is valid.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an origin validation flaw in the Apex One/SEP agent software. It allows a local attacker, who already has the ability to run low-privileged code on the affected system, to escalate their privileges. Essentially, the attacker can gain higher-level access than initially permitted by exploiting a weakness in the process protection mechanism of the software.

It is similar to another vulnerability identified as CVE-2026-34927 but affects a different part of the process protection.


How can this vulnerability impact me? :

If exploited, this vulnerability can allow an attacker with limited access to escalate their privileges on the system. This means the attacker could gain higher-level permissions, potentially leading to full control over the affected system.

The impact includes the possibility of compromising confidentiality, integrity, and availability of the system, as indicated by the CVSS score which rates the impact on these aspects as high.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, ensure that you update your Apex One (on-premise) and Apex One as a Service installations, as well as Vision One - Standard Endpoint Protection (SEP), to the latest versions released by Trend Micro.

Since exploitation requires prior ability to execute low-privileged code, restricting such access and monitoring for suspicious local activity can also help reduce risk.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart