HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Local Privilege Escalation (CVE‑2026‑34929) in TrendAI Vision One Security Agent Threatens Endpoint Integrity

A newly disclosed CVE‑2026‑34929 in TrendAI’s Vision One Security Agent allows local attackers to elevate privileges to SYSTEM via an origin‑validation flaw in the Apex One NT Listener service. The vulnerability scores 7.8 (CVSS) and can be mitigated by applying TrendAI’s released patch. TPRM teams must verify remediation across all third‑party environments.

LiveThreat™ Intelligence · 📅 May 29, 2026· 📰 zerodayinitiative.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
5 recommended
📰
Source
zerodayinitiative.com

Local Privilege Escalation (CVE‑2026‑34929) in TrendAI Vision One Security Agent Threatens Endpoint Integrity

What It Is — TrendAI’s Vision One Security Agent contains an origin‑validation flaw in the Apex One NT Listener service that permits a local attacker to elevate privileges to SYSTEM. The vulnerability is tracked as CVE‑2026‑34929 and carries a CVSS 7.8 (High) score.

Exploitability — Exploitation requires the attacker to already run low‑privileged code on the host; no public exploit or malware leveraging this flaw has been observed in the wild.

Affected Products — TrendAI Vision One (Security Agent) – all versions prior to the vendor‑released patch.

TPRM Impact – Organizations that rely on TrendAI as a third‑party endpoint‑security provider may face lateral‑movement risk, potential data exposure, and compliance implications if the flaw is not promptly remediated.

Recommended Actions – Deploy TrendAI’s patch (see KB KA‑0023430) across all Vision One agents, verify remediation via inventory tools, monitor NT Listener logs for anomalous activity, and consider temporarily disabling the service if patching cannot be completed immediately. Source: Zero Day Initiative advisory

📰 Original Source
http://www.zerodayinitiative.com/advisories/ZDI-26-322/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →