Vulnerabilities > Trendmicro > Apex ONE > 2019
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-27 | CVE-2022-30701 | Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019 An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. | 7.8 |
| 2022-02-24 | CVE-2022-24678 | Resource Exhaustion vulnerability in Trendmicro products An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations. | 7.5 |
| 2022-02-24 | CVE-2022-24679 | Link Following vulnerability in Trendmicro products A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. | 7.8 |
| 2022-02-24 | CVE-2022-24680 | Link Following vulnerability in Trendmicro products A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. | 7.8 |
| 2022-01-10 | CVE-2021-44024 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 7.1 |
| 2022-01-10 | CVE-2021-45231 | Link Following vulnerability in Trendmicro products A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. | 7.8 |
| 2022-01-10 | CVE-2021-45440 | Improper Privilege Management vulnerability in Trendmicro products A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. | 7.8 |
| 2022-01-10 | CVE-2021-45441 | Origin Validation Error vulnerability in Trendmicro products A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. | 7.8 |
| 2022-01-10 | CVE-2021-45442 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 7.1 |
| 2021-12-03 | CVE-2021-44022 | Reachable Assertion vulnerability in Trendmicro Apex ONE 2019 A reachable assertion vulnerability in Trend Micro Apex One could allow an attacker to crash the program on affected installations, leading to a denial-of-service (DoS). | 5.5 |