This vulnerability allows local attackers to disclose sensitive information on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows remote attackers to bypass authentication on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability.
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
What is Windows OLE?
What is Windows OLE?
OLE (Object Linking and Embedding) is a feature in Microsoft Windows that enables software to work together and share data. The feature, for example, allows a table created using Microsoft Excel either be embedded or linked to Microsoft PowerPoint.
What is the Attack?
CVE-2023-29325 is a remote code execution vulnerability in Microsoft Outlook and is stemmed from a buffer error when loading OleCache object. Successful exploitation could result in remote code execution under the context of the vulnerable application. CVE-2023-29325 has a CVSS base score of 8.1 and is rated critical by Microsoft.
Why is this Significant?
This is significant because, while exploitation of CVE-2023-29325 has not been reported or observed – the vulnerability has been publicly disclosed and Proof-of-Concept (PoC) code is available. The Microsoft advisory states that exploitation is more likely. As such, the patch should be applied as soon as possible.
What is the Vendor Solution?
Microsoft released a fix as part of regular Microsoft Patch Tuesday on May 9th, 2023.
What FortiGuard Coverage is Available?
FortiGuard Labs has the following IPS signature in place that will prevent exploitation of CVE-2023-29325:
MS.Outlook.OleCache.CVE-2023-29325.Remote.Code.Execution
Is Mitigation Available?
The Microsoft advisory provides mitigation methods. Please refer to the Appendix for a link to “Windows OLE Remote Code Execution Vulnerability (CVE-2023-29325)”.
