New Apex One vulnerability exposes users to cyberattacks

September 14, 2022

An Apex One vulnerability has recently emerged, and customers are being warned to apply the appropriate patches before threat actors abuse it. According to reports, this critical flaw has already been actively exploited; those who have yet to patch must do so immediately to stay protected.

The Apex One platform provides businesses with endpoint security through automated detection of, and action against, computer viruses, payloads, malware, malicious tools, and vulnerabilities. The flaw found in the security platform, tracked as CVE-2022-40139, allows threat actors to execute arbitrary remote code against targeted systems, especially unpatched ones.

In a released advisory, Apex One clarified that an attacker must first gain access to the platform’s server admin console in order to abuse the vulnerability.

Although the clarification is good news, the Apex One representative underlined that all customers must remain alert and update their platforms to the latest version as soon as possible, because at least one active exploitation of the Apex One vulnerability has been spotted in the wild, compromising a customer’s servers.

The security firm has also addressed another high-severity flaw, tracked as CVE-2022-40144, which attackers can abuse to evade security authentication by forging request parameters on affected servers.

A separate vulnerability, fixed last April, affected their Apex Central product management control. This security flaw allowed threat actors to execute arbitrary remote code against vulnerable client systems.

Furthermore, the security firm added that attackers cannot easily abuse these known vulnerabilities unless they have access to an already vulnerable machine. Nonetheless, all customers are strongly advised to apply patches and updates to protect themselves before a threat actor can compromise their computers.

Security experts also recommend that users regularly check and review remote access logs for their critical systems and maintain up-to-date perimeters. Several of the firm’s detected security vulnerabilities have been added to CISA’s catalogue of known exploited vulnerabilities.
