CVE-2021-32462
Trend Micro Password Manager Exposed Dangerous Function Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability.
Trend Micro Password Manager (Consumer) versiones 5.0.0.1217 y por debajo es susceptible a una vulnerabilidad de Ejecución de Código Remota de Función Peligrosa Expuesta que podría permitir a un cliente no privilegiado manipular el registro y escalar privilegios para SYSTEM en las instalaciones afectadas. Es requerida la autenticación para explotar esta vulnerabilidad
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Password Manager. Authentication is required to exploit this vulnerability.
The specific flaw exists within the Trend Micro Password Manager Central Control Service. The issue results from the exposure of a dangerous method or function to unprivileged users. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-05-07 CVE Reserved
- 2021-07-05 CVE Published
- 2024-08-03 CVE Updated
- 2024-10-09 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://www.zerodayinitiative.com/advisories/ZDI-21-774 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://helpcenter.trendmicro.com/en-us/article/TMKA-10388 | 2021-07-23 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Trendmicro Search vendor "Trendmicro" | Password Manager Search vendor "Trendmicro" for product "Password Manager" | <= 5.0.0.1217 Search vendor "Trendmicro" for product "Password Manager" and version " <= 5.0.0.1217" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|