CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44024 – Trend Micro Apex One Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-44024
06 Jan 2022 — A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de denegación de servicio en Trend Micro Apex One (on-prem y SaaS) y Trend Micro Worry-Free Business ... • https://success.trendmicro.com/solution/000289996 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-45440 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-45440
06 Jan 2022 — A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de privilegios no necesarios en Trend Micro Apex One y Trend Micro Worry-Free Business Security ... • https://success.trendmicro.com/solution/000289996 • CWE-269: Improper Privilege Management •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-45442 – Trend Micro Worry-Free Business Security Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-45442
06 Jan 2022 — A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de denegación de servicio en Trend Micro Worry-Free Business Security (sólo en prem) podría permit... • https://success.trendmicro.com/solution/000289996 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2021-44023 – Trend Micro Maximum Security Link Following Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-44023
14 Dec 2021 — A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service. Una vulnerabilidad de denegación de servicio (DoS) en la familia de productos Trend Micro Security (Consumer) versión 2021, podría permitir a un atacante abusar de la función PC Health Checkup del producto para crear... • https://helpcenter.trendmicro.com/en-us/article/tmka-10867 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-43772
https://notcve.org/view.php?id=CVE-2021-43772
03 Dec 2021 — Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection. Trend Micro Security 2021 versión v17.0 (Consumer), contiene una vulnerabilidad que permite modificar los archivos dentro de la carpeta protegida sin ninguna detección • https://helpcenter.trendmicro.com/en-us/article/tmka-10855 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44019 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44019
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44020 and 44021. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podr... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44020 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44020
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podr... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-44021 – Trend Micro Worry-Free Business Security Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-44021
30 Nov 2021 — An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020. Una vulnerabilidad de privilegios no necesarios en Trend Micro Worry-Free Business Security versión 10.0 SP1, podr... • https://success.trendmicro.com/solution/000289230 • CWE-269: Improper Privilege Management •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-23139
https://notcve.org/view.php?id=CVE-2021-23139
21 Oct 2021 — A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations. Una vulnerabilidad de puntero null en Trend Micro Apex One y Worry-Free Business Security versión 10.0 SP1, podría permitir a un atacante bloquear el programa CGI en las instalaciones afectadas • https://success.trendmicro.com/solution/000289229 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-42012 – Trend Micro Worry-Free Business Security Stack-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42012
19 Oct 2021 — A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de desbordamiento del búfer en la región stack de la memoria en Trend Micro Apex One, Apex One as a Service y Worry-Free Business Secu... • https://success.trendmicro.com/solution/000289229 • CWE-787: Out-of-bounds Write •