TXOne Networks
Hero background

CVE-2023-25069

Last Updated: March 17, 2023

Trend Micro TXOne StellarOne Improper Access Control Privilege Escalation Vulnerability

CVE IDCVE-2023-25069
SeverityHigh
Affected VendorsTXOne Networks
Affected ProductsStellar before V2.0.1160
Vulnerability DetailsThis vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro TXOne StellarOne. Authentication is required to exploit this vulnerability.The specific flaw exists within the Account endpoint. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user.
Solutions & RulesFixed in version V2.1.1127
CreditElias Martinez of MD Anderson Cancer Center

Questions About This Advisory?

Our PSIRT team is here to help with security-related inquiries.

security@txone.com