CVE DATABASE / CVE-2023-32530
CVE-2023-32530
CVSS 8.8 · HIGH
Summary
Vulnerable modules of Trend Micro Apex Central (on-premise) contain vulnerabilities which would allow authenticated users to perform a SQL injection that could lead to remote code execution.Please note: an attacker must first obtain authentication on the target system in order to exploit these vulnerabilities.This is similar to, but not identical to CVE-2023-32529.
CVSS 3.1 breakdown
| Base score | 8.8 (HIGH) |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Attack vector | NETWORK |
| Attack complexity | LOW |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | HIGH |
| Integrity | HIGH |
| Availability | HIGH |
Weakness type (CWE)
Affected products
Trendmicro apex central
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US
- https://www.zerodayinitiative.com/advisories/ZDI-23-654/
Data: NIST NVD. NVD last modified 2025-12-22. Always verify against the vendor advisory before acting.