CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42104 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42104
19 Oct 2021 — Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107. Unas vulnerabilidades de privileg... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42105 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42105
19 Oct 2021 — Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107. Unas vulnerabilidades de privileg... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42106 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42106
19 Oct 2021 — Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107. Unas vulnerabilidades de privileg... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42107 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42107
19 Oct 2021 — Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106. Unas vulnerabilidades de privileg... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-42108 – Trend Micro Apex One Unnecessary Privileges Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-42108
19 Oct 2021 — Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Unas vulnerabilidades de privilegios no necesarios en la consola web de Trend Micro Apex One, Apex One as a Service y Worry-Free Business Se... • https://success.trendmicro.com/solution/000289229 • CWE-269: Improper Privilege Management •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-3848
https://notcve.org/view.php?id=CVE-2021-3848
06 Oct 2021 — An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad ... • https://success.trendmicro.com/solution/000289183 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-36744 – Trend Micro Maximum Security Directory Junction Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-36744
30 Aug 2021 — Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service. Trend Micro Security (Consumer) versiones 2021 y 2020, son vulnerables a una vulnerabilidad de salto de directorios que podría permitir a un atacante explotar el sistema para escalar privilegios y crear una denegación de servicio. This vulnerability allows local attackers to create a denial-of-service con... • https://helpcenter.trendmicro.com/en-us/article/tmka-10568 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2021-36742 – Trend Micro Multiple Products Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-36742
29 Jul 2021 — A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de comprobación de entrada inapropiada en Trend Micro Apex One, Apex One as a Service, OfficeScan XG y Worry-Free Business Sec... • https://success.trendmicro.com/jp/solution/000287796 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-36741 – Trend Micro Multiple Products Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-36741
29 Jul 2021 — An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability. Una vulnerabilidad de comprobación de entrada inapropiada en Trend Micro Apex One, Apex One as a Service, OfficeScan XG y Worry-Free Business Secu... • https://success.trendmicro.com/jp/solution/000287796 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2021-32463 – Trend Micro Apex One Incorrect Permission Assignment Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-32463
13 Jul 2021 — An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de denegación de servicio por asignación d... • https://success.trendmicro.com/solution/000286855 • CWE-732: Incorrect Permission Assignment for Critical Resource •