Vulnerabilities > CVE-2022-33158 - Files or Directories Accessible to External Parties vulnerability in Trendmicro VPN Proxy ONE PRO

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
trendmicro
CWE-552

Summary

Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system.

Vulnerable Configurations

Part Description Count
Application
Trendmicro
1
OS
Microsoft
1