Pattern Micro has launched an advisory masking a important zero-day flaw — tracked as CVE-2023-41179 — that impacts Apex One, Apex One SaaS, and Fear-Free Enterprise Safety.
The vulnerability will be exploited for arbitrary code execution, and it revolves across the “merchandise’ potential to uninstall third-party safety software program.”
The advisory, written in Japanese, particulars how an attacker would want entry to a product’s administrative console and would have needed to have stolen its administration console authentication previous to the assault, for the reason that vulnerability cannot infiltrate a community by itself.
Pattern Micro additionally famous that this vulnerability has been exploited within the wild, having “confirmed that this vulnerability has been utilized in precise assaults. We suggest updating to the most recent model as quickly as doable.”
Patches have been launched for merchandise impacted by this vulnerability.
