Vulnerabilities > Trendmicro > IM Security > High

DATE CVE VULNERABILITY TITLE RISK
2021-05-10 CVE-2021-31520 Improper Authentication vulnerability in Trendmicro IM Security 1.6/1.6.5
A weak session token authentication bypass vulnerability in Trend Micro IM Security 1.6 and 1.6.5 could allow an remote attacker to guess currently logged-in administrators' session session token in order to gain access to the product's web management interface.
network
high complexity
trendmicro CWE-287
8.1
2020-02-20 CVE-2019-14688 Uncontrolled Search Path Element vulnerability in Trendmicro products
Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation.
local
high complexity
trendmicro CWE-427
7.0