CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44019 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44019
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44020 and 44021. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1364 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44021 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44021
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1366 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44020 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44020
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código poco privilegiado en el sistema de destino para poder explotar esta vulnerabilidad. • https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1365 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-23139
https://notcve.org/view.php?id=CVE-2021-23139
A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations. Una vulnerabilidad de puntero null en Trend Micro Apex One y Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante bloquear el programa CGI en las instalaciones afectadas • https://success.trendmicro.com/solution/000289229 https://success.trendmicro.com/solution/000289230 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-42012 – Trend Micro Worry-Free Business Security Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42012
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en Trend Micro Apex One, Apex One as a Service y Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante local escalar privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Worry-Free Business Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Trend Micro Security Server Database Service. • https://success.trendmicro.com/solution/000289229 https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1221 • CWE-787: Out-of-bounds Write •