HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

High CVSS Local Privilege Escalation in TrendAI Vision One Security Agent (CVE-2026-34928) Threatens Endpoint Integrity

TrendAI Vision One Security Agent contains a local privilege escalation flaw (CVE-2026-34928) that lets a low‑privileged attacker gain SYSTEM rights. The issue affects all pre‑May 2026 versions and poses a supply‑chain risk for organizations relying on third‑party endpoint protection.

LiveThreat™ Intelligence · 📅 May 29, 2026· 📰 zerodayinitiative.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
5 recommended
📰
Source
zerodayinitiative.com

High CVSS Local Privilege Escalation in TrendAI Vision One Security Agent (CVE-2026-34928) Threatens Endpoint Integrity

What It Is — A local privilege escalation flaw in the Apex One NT Listener service of TrendAI Vision One Security Agent permits a low‑privileged attacker to obtain SYSTEM rights. The root cause is insufficient validation of the origin of commands processed by the service.

Exploitability — Exploitation requires prior execution of low‑privileged code on the target host; no public PoC is released, but the vulnerability is actively being patched. CVSS 7.8 (High).

Affected Products — TrendAI Vision One Security Agent (all versions released before the May 2026 security update).

TPRM Impact — A compromised third‑party endpoint security agent can give an attacker full control of the host, enabling data exfiltration, lateral movement, and sabotage of security controls across the supply chain.

Recommended Actions — Deploy TrendAI’s May 2026 patch without delay; enforce strict least‑privilege execution policies; validate endpoint integrity with independent monitoring tools; monitor for anomalous SYSTEM‑level activity; incorporate patch‑management clauses into vendor contracts to ensure timely remediation.

Source: Zero Day Initiative Advisory – ZDI‑26‑321

📰 Original Source
http://www.zerodayinitiative.com/advisories/ZDI-26-321/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Every gap like this maps to a control you can evidence.

The Verisq AI Trust Operations platform maps incidents to your control framework and collects the evidence continuously — so your Trust Center shows proof, not promises, when a buyer or auditor asks.

Explore the Verisq AI Trust Operations platform →