Vulnerabilities > CVE-2021-32465 - Improper Preservation of Permissions vulnerability in Trendmicro Apex ONE and Officescan
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
Related news
References
- https://success.trendmicro.com/jp/solution/000287796
- https://success.trendmicro.com/jp/solution/000287796
- https://success.trendmicro.com/solution/000287819
- https://success.trendmicro.com/solution/000287819
- https://www.zerodayinitiative.com/advisories/ZDI-21-911/
- https://www.zerodayinitiative.com/advisories/ZDI-21-911/