Vulnerabilities > Trendmicro
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-19 | CVE-2023-41179 | Unspecified vulnerability in Trendmicro products A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. | 7.2 |
2023-06-26 | CVE-2023-28929 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started. | 7.8 |
2023-06-26 | CVE-2023-30902 | Unspecified vulnerability in Trendmicro Apex ONE 14.0.10349/2019 A privilege escalation vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to unintentionally delete privileged Trend Micro registry keys including its own protected registry keys on affected installations. | 5.5 |
2023-06-26 | CVE-2023-32521 | Path Traversal vulnerability in Trendmicro Mobile Security 9.8 A path traversal exists in a specific service dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an unauthenticated remote attacker to delete arbitrary files. | 9.1 |
2023-06-26 | CVE-2023-32522 | Path Traversal vulnerability in Trendmicro Mobile Security 9.8 A path traversal exists in a specific dll of Trend Micro Mobile Security (Enterprise) 9.8 SP5 which could allow an authenticated remote attacker to delete arbitrary files. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 8.1 |
2023-06-26 | CVE-2023-32523 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32524. | 8.8 |
2023-06-26 | CVE-2023-32524 | Improper Authentication vulnerability in Trendmicro Mobile Security 9.8 Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that would allow a remote user to bypass authentication and potentially chain with other vulnerabilities. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit these vulnerabilities. This is similar to, but not identical to CVE-2023-32523. | 8.8 |
2023-06-26 | CVE-2023-32525 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. | 6.5 |
2023-06-26 | CVE-2023-32526 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains widget vulnerabilities that could allow a remote attacker to create arbitrary files on affected installations. | 6.5 |
2023-06-26 | CVE-2023-32527 | Unspecified vulnerability in Trendmicro Mobile Security 9.8 Trend Micro Mobile Security (Enterprise) 9.8 SP5 contains vulnerable .php files that could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32528. | 8.8 |