1 results (0.004 seconds)
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41183 – Trend Micro VPN Proxy One Pro Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-41183
30 Jul 2024 — Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro VPN Proxy One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DEP Manager. By creating a symbolic link, an attacker can ab... • https://helpcenter.trendmicro.com/en-us/article/tmka-14460 • CWE-73: External Control of File Name or Path •