Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3143 articles · 171645 vulns · 37/41 feeds (7d)
← Back to list
7.8
CVE-2026-34930PATCHED
trend micro · apex one

CVE-2026-34930: An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affe

Description

An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected Products

VendorProductVersions
trend microapex one2019 (14.0), SaaS

Also Affects

Downstream vendors/products affected by this vulnerability

VendorProductSourceConfidence
trend microapex onecert_advisory90%

References

  • https://success.trendmicro.com/en-US/solution/KA-0023430

Related News (3 articles)

Tier B
BSI Advisories44d ago
[NEU] [mittel] Trend Micro Apex One: Mehrere Schwachstellen ermöglichen Privilegieneskalation und die Ausführung von Code
→ No new info (linked only)
Tier B
CERT-FR44d ago
Multiples vulnérabilités dans les produits Trend Micro (22 mai 2026)
→ No new info (linked only)
Tier C
VulDB45d ago
CVE-2026-34930 | Trend Micro TrendAI Apex One/TrendAI Apex One as a Service origin validation (EUVD-2026-31282)
→ No new info (linked only)
CVSS 3.17.8 HIGH
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA KEV❌ No
Actively exploited❌ No
Patch available
14.0.0.1707914.0.20731
CWECWE-346
PublishedMay 21, 2026
Last enriched45d agov2
Trending Score0
Source articles3
Independent3
Info Completeness9/14
Missing: epss, kev, exploit, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Related CVEs (5)

HIGHCVE-2025-71213
CVE-2025-71213: An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on
HIGHCVE-2025-71215
CVE-2025-71215: A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification c
HIGHCVE-2025-71212
CVE-2025-71212: A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalate privileg
MEDIUMCVE-2026-34926EXPKEV
CVE-2026-34926: A directory traversal vulnerability in the Apex One (on-premise) server could allow a pre-authenticated local attacker t
CRITICALCVE-2025-71210
CVE-2025-71210: A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code an

Pin to Dashboard

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published
May 21, 2026
Discovered by ZDM
May 21, 2026
Updated: severity
May 21, 2026
Patch Available
May 22, 2026

Version History

v2
Last enriched 45d ago
v2Tier C45d ago

Updated severity to CRITICAL and noted that no exploit is available.

severity
via VulDB
v145d ago

Initial creation