Vulnerabilities > Trendmicro

DATE CVE VULNERABILITY TITLE RISK
2022-10-10 CVE-2022-41744 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Trendmicro Apex ONE 2019
A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One Vulnerability Protection integrated component could allow a local attacker to escalate privileges and turn a specific working directory into a mount point on affected installations.
local
high complexity
trendmicro CWE-367
7.0
2022-10-10 CVE-2022-41745 Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019
An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations.
local
high complexity
trendmicro CWE-125
7.0
2022-10-10 CVE-2022-41746 Forced Browsing vulnerability in Trendmicro Apex ONE 2019
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on affected installations to escalate privileges and modify certain agent groupings.
network
low complexity
trendmicro CWE-425
critical
9.1
2022-10-10 CVE-2022-41747 Improper Certificate Validation vulnerability in Trendmicro Apex ONE 2019
An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations.
local
low complexity
trendmicro CWE-295
7.8
2022-10-10 CVE-2022-41748 Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019
A registry permissions vulnerability in the Trend Micro Apex One Data Loss Prevention (DLP) module could allow a local attacker with administrative credentials to bypass certain elements of the product's anti-tampering mechanisms on affected installations.
local
low complexity
trendmicro CWE-276
6.7
2022-10-10 CVE-2022-41749 Origin Validation Error vulnerability in Trendmicro Apex ONE 2019
An origin validation error vulnerability in Trend Micro Apex One agents could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-346
7.8
2022-09-28 CVE-2022-40707 Out-of-bounds Read vulnerability in Trendmicro Deep Security 20.0
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.
local
low complexity
trendmicro CWE-125
3.3
2022-09-28 CVE-2022-40708 Out-of-bounds Read vulnerability in Trendmicro Deep Security 20.0
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.
local
low complexity
trendmicro CWE-125
3.3
2022-09-28 CVE-2022-40709 Out-of-bounds Read vulnerability in Trendmicro Deep Security 20.0
An Out-of-bounds read vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to disclose sensitive information on affected installations.
local
low complexity
trendmicro CWE-125
3.3
2022-09-28 CVE-2022-40710 Link Following vulnerability in Trendmicro Deep Security 20.0
A link following vulnerability in Trend Micro Deep Security 20 and Cloud One - Workload Security Agent for Windows could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-59
7.8