CVE-2022-26871 (GCVE-0-2022-26871)

Vulnerability from cvelistv5 – Published: 2022-03-29 20:45 – Updated: 2025-10-21 23:15
VLAI? CISA KEV
Summary
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.
Severity ?
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • Arbitrary File Upload
Assigner
References
Impacted products
Vendor Product Version
Trend Micro Trend Micro Apex Central Affected: 2019 (on-premise), SaaS
Create a notification for this product.
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: ba383bcf-6e11-49ed-88ac-c9b82f563a10

Vulnerability ID: CVE-2022-26871

Status: Confirmed

Status Updated: 2022-03-31 00:00 UTC

Exploited: Yes

Timestamps
First Seen: 2022-03-31
Asserted: 2022-03-31
Scope
Notes: KEV entry: Trend Micro Apex Central Arbitrary File Upload Vulnerability | Affected: Trend Micro / Apex Central | Description: An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution. | Required action: Apply updates per vendor instructions. | Due date: 2022-04-21 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://nvd.nist.gov/vuln/detail/CVE-2022-26871
Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details
Cwes CWE-184
Feed CISA Known Exploited Vulnerabilities Catalog
Product Apex Central
Due Date 2022-04-21
Date Added 2022-03-31
Vendorproject Trend Micro
Vulnerabilityname Trend Micro Apex Central Arbitrary File Upload Vulnerability
Knownransomwarecampaignuse Unknown
References
Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T05:18:38.023Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000290678"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/000290660"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://jvn.jp/vu/JVNVU99107357"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-26871",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-29T16:35:02.298420Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-03-31",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-345",
                "description": "CWE-345 Insufficient Verification of Data Authenticity",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:43.109Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-03-31T00:00:00+00:00",
            "value": "CVE-2022-26871 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex Central",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019 (on-premise), SaaS"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbitrary File Upload",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-03-29T20:45:20.000Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000290678"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/000290660"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://jvn.jp/vu/JVNVU99107357"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2022-26871",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex Central",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019 (on-premise), SaaS"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbitrary File Upload"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000290678",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000290678"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/000290660",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/000290660"
            },
            {
              "name": "https://www.jpcert.or.jp/english/at/2022/at220008.html",
              "refsource": "MISC",
              "url": "https://www.jpcert.or.jp/english/at/2022/at220008.html"
            },
            {
              "name": "https://jvn.jp/vu/JVNVU99107357",
              "refsource": "MISC",
              "url": "https://jvn.jp/vu/JVNVU99107357"
            },
            {
              "name": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435",
              "refsource": "MISC",
              "url": "https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2022-26871",
    "datePublished": "2022-03-29T20:45:20.000Z",
    "dateReserved": "2022-03-10T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:43.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2022-26871",
      "cwes": "[\"CWE-184\"]",
      "dateAdded": "2022-03-31",
      "dueDate": "2022-04-21",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://nvd.nist.gov/vuln/detail/CVE-2022-26871",
      "product": "Apex Central",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution.",
      "vendorProject": "Trend Micro",
      "vulnerabilityName": "Trend Micro Apex Central Arbitrary File Upload Vulnerability"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-04-21",
      "cisaExploitAdd": "2022-03-31",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Trend Micro Apex Central Arbitrary File Upload Vulnerability",
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:windows:*:*\", \"matchCriteriaId\": \"7F2620DA-8727-43FF-8A4D-72145CDDE4CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:trendmicro:apex_one:-:*:*:*:*:saas:*:*\", \"matchCriteriaId\": \"576055B3-C274-430E-98DA-BCC578F8C295\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de carga de archivos arbitrarios en Trend Micro Apex Central podr\\u00eda permitir a un atacante remoto no autenticado cargar un archivo arbitrario que podr\\u00eda conllevar a una ejecuci\\u00f3n de c\\u00f3digo remota\"}]",
      "id": "CVE-2022-26871",
      "lastModified": "2024-11-21T06:54:43.193",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-03-29T21:15:07.760",
      "references": "[{\"url\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99107357\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://success.trendmicro.com/jp/solution/000290660\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://success.trendmicro.com/solution/000290678\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"source\": \"security@trendmicro.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99107357\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://success.trendmicro.com/jp/solution/000290660\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://success.trendmicro.com/solution/000290678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "security@trendmicro.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-345\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-26871\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2022-03-29T21:15:07.760\",\"lastModified\":\"2025-12-22T13:53:51.647\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de carga de archivos arbitrarios en Trend Micro Apex Central podr\u00eda permitir a un atacante remoto no autenticado cargar un archivo arbitrario que podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo remota\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-03-31\",\"cisaActionDue\":\"2022-04-21\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Trend Micro Apex Central Arbitrary File Upload Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A4CE49-201A-4A47-A760-6463C454A6AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:-:*:*:*:*:saas:*:*\",\"matchCriteriaId\":\"576055B3-C274-430E-98DA-BCC578F8C295\"}]}]}],\"references\":[{\"url\":\"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/vu/JVNVU99107357\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://success.trendmicro.com/jp/solution/000290660\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000290678\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.jpcert.or.jp/english/at/2022/at220008.html\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://jvn.jp/vu/JVNVU99107357\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://success.trendmicro.com/jp/solution/000290660\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000290678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.jpcert.or.jp/english/at/2022/at220008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://success.trendmicro.com/solution/000290678\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://success.trendmicro.com/jp/solution/000290660\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99107357\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T05:18:38.023Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-26871\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-29T16:35:02.298420Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-03-31\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26871\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-03-31T00:00:00+00:00\", \"value\": \"CVE-2022-26871 added to CISA KEV\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"CWE-345 Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-29T16:33:17.278Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Trend Micro\", \"product\": \"Trend Micro Apex Central\", \"versions\": [{\"status\": \"affected\", \"version\": \"2019 (on-premise), SaaS\"}]}], \"references\": [{\"url\": \"https://success.trendmicro.com/solution/000290678\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://success.trendmicro.com/jp/solution/000290660\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://jvn.jp/vu/JVNVU99107357\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Arbitrary File Upload\"}]}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2022-03-29T20:45:20.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"2019 (on-premise), SaaS\"}]}, \"product_name\": \"Trend Micro Apex Central\"}]}, \"vendor_name\": \"Trend Micro\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://success.trendmicro.com/solution/000290678\", \"name\": \"https://success.trendmicro.com/solution/000290678\", \"refsource\": \"MISC\"}, {\"url\": \"https://success.trendmicro.com/jp/solution/000290660\", \"name\": \"https://success.trendmicro.com/jp/solution/000290660\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"name\": \"https://www.jpcert.or.jp/english/at/2022/at220008.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://jvn.jp/vu/JVNVU99107357\", \"name\": \"https://jvn.jp/vu/JVNVU99107357\", \"refsource\": \"MISC\"}, {\"url\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"name\": \"https://appweb.trendmicro.com/supportNews/NewsDetail.aspx?id=4435\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Arbitrary File Upload\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-26871\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"security@trendmicro.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-26871\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T18:47:00.595Z\", \"dateReserved\": \"2022-03-10T00:00:00.000Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2022-03-29T20:45:20.000Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.