CVE-2021-42108 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42108
Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. ... Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289229 https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1217 • CWE-269: Improper Privilege Management •
CVE-2021-42011 – Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42011
Nota: un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289229 https://www.zerodayinitiative.com/advisories/ZDI-21-1220 • CWE-276: Incorrect Default Permissions •
CVE-2021-42102 – Trend Micro Apex One Uncontrolled Search Path Element Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42102
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service agents could allow a local attacker to escalate privileges on affected installations. ... Un atacante debe obtener primero la capacidad de ejecutar código con pocos privilegios en el sistema de destino para poder explotar esta vulnerabilidad This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289229 https://www.zerodayinitiative.com/advisories/ZDI-21-1222 • CWE-427: Uncontrolled Search Path Element •
CVE-2021-42101 – Trend Micro Apex One Uncontrolled Search Path Element Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42101
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar pero no idéntica a CVE-2021-42103 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289229 https://www.zerodayinitiative.com/advisories/ZDI-21-1219 • CWE-427: Uncontrolled Search Path Element •
CVE-2021-42105 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42105
Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. ... Esta vulnerabilidad es similar pero no idéntica a las CVE-2021-42104, 42106 y 42107 This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://success.trendmicro.com/solution/000289229 https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1215 • CWE-269: Improper Privilege Management •