CVE-2023-0587

CVE-2023-0587 is a critical-severity vulnerability in Trendmicro Apex One with a CVSS 3.x base score of 9.1. Its EPSS exploit-prediction score of 60% places it in the 99th percentile, indicating an elevated likelihood of exploitation. The underlying weakness is classified as CWE-434.

Key facts

Description

A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed.

Frequently asked questions

What is CVE-2023-0587?
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Using a malformed Content-Length header in an HTTP PUT message sent to URL /officescan/console/html/cgi/fcgiOfcDDA.exe, an unauthenticated remote attacker can upload arbitrary files to the SampleSubmission directory (i.e., \PCCSRV\TEMP\SampleSubmission) on the server. The attacker can upload a large number of large files to fill up the file system on which the Apex One server is installed.
How severe is CVE-2023-0587?
CVE-2023-0587 has a CVSS 3.x base score of 9.1, rated critical severity. It is exploitable over network with low attack complexity, requires no privileges and no user interaction. Impact on confidentiality is none, integrity high, and availability high.
Is CVE-2023-0587 being actively exploited?
It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 60% (99th percentile), an estimate of the probability of exploitation in the next 30 days.
What products are affected by CVE-2023-0587?
CVE-2023-0587 affects Trendmicro Apex One. See the affected-products list for the exact vulnerable versions.
How do I fix CVE-2023-0587?
Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround. Given its critical severity, prioritise patching exposed systems.
When was CVE-2023-0587 published?
CVE-2023-0587 was published on 2023-02-01 and last updated on 2026-06-17.

References

Affected products (1)

More vulnerabilities in Trendmicro Apex One

All CVEs affecting Trendmicro Apex One →

Other CWE-434 (Unrestricted Upload of File with Dangerous Type) vulnerabilities

Browse all CWE-434 (Unrestricted Upload of File with Dangerous Type) vulnerabilities →