Vulnerability Details CVE-2026-34928
An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different named pipe communication mechanism.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.8%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2026-34928
-
cpe:2.3:a:trendmicro:apex_one:-
-
cpe:2.3:a:trendmicro:apex_one:14.0
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.12980
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.12994
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13122
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13131
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13140
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.13984
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.14002
-
cpe:2.3:a:trendmicro:apex_one:14.0.0.14081
-
cpe:2.3:a:trendmicro:apex_one:14.0.12737
-
cpe:2.3:a:trendmicro:apex_one:14.0.12849
-
cpe:2.3:a:trendmicro:apex_one:14.0.13139
-
cpe:2.3:a:trendmicro:apex_one:14.0.14203
-
cpe:2.3:a:trendmicro:apex_one:14.0.14492