CVE-2026-45208
TOCTOU Privilege Escalation in Apex One/SEP Agent
Publication date: 2026-05-21
Last updated on: 2026-05-21
Assigner: Trend Micro, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| trendmicro | apex_one | * |
| trendmicro | sep | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-367 | The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a time-of-check time-of-use (TOCTOU) flaw found in the Apex One/SEP agent. It allows a local attacker, who already has the ability to run low-privileged code on the affected system, to escalate their privileges. Essentially, the attacker can exploit a timing issue between checking a condition and using a resource to gain higher access rights.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker with limited access to increase their privileges on the system. This means they could potentially gain administrative or higher-level control, leading to unauthorized actions such as installing malicious software, accessing sensitive data, or disrupting system operations.