CVEFinder.io

CVE-2026-34928

⚠️ high
🔍 Scan for this CVE
Summary

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVSS Score
7.8
High
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-21
First Seen: 2026-05-22
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 69.7% of all 325,680 vulnerabilities in our database.

#98,831
Above average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 21, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-05-22
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-346

📦 Affected Products 2

Vendor Product Status Affected Versions
trendmicro apex_one Affected
< 14.0.0.17079
trendmicro apex_one Affected
< 14.0.20731

🔗 References 1

https://success.trendmicro.com/en-US/solution/KA-002...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-71210 ⛔ critical 9.8 0.6 A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code an... 2026-05-21
CVE-2025-71211 ⛔ critical 9.8 0.6 A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code an... 2026-05-21
CVE-2025-71212 ⚠️ high 7.8 0.0 A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileg... 2026-05-21
CVE-2025-71213 ⚠️ high 7.8 0.0 An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on ... 2026-05-21
CVE-2025-71214 ⚠️ high 7.8 0.0 An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attac... 2026-05-21
CVE-2025-71215 ⚠️ high 7.0 0.0 A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification c... 2026-05-21
These CVEs affect the same products