Tag Archives: CVE-2022-44654

baramundi Management Agent – The Discovery of CVE-2022-43747

This blog post walks you into the discovery of CVE-2022-43747 in baramundi Management Agent (bMA). CVE-2022-43747 is a buffer overflow vulnerability, which allows an attacker to achieve remote code execution when a certain condition is met. In this post I will demonstrate how I have discovered the vulnerability, what condition is required for code execution […]

[CVE-2022-44654] Trend Micro Apex One – Security Flaw in UMH Monitoring Engine Module

CVE-2022-44654 is assigned to a weakness that I have discovered in the User-Mode Hooking (UMH) Monitoring Engine module of Trend Micro Apex One and Apex One as a Service. This module, which helps to monitor for malicious payloads on Windows by injecting itself into each user-mode process and hooking certain Windows APIs, is missing an […]