Vulnerabilities > Trendmicro > Maximum Security 2021 > High

DATE CVE VULNERABILITY TITLE RISK
2023-06-26 CVE-2023-28929 Uncontrolled Search Path Element vulnerability in Trendmicro products
Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.
local
low complexity
trendmicro CWE-427
7.8
2021-12-16 CVE-2021-44023 Link Following vulnerability in Trendmicro products
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.
local
low complexity
trendmicro CWE-59
7.1
2021-09-06 CVE-2021-36744 Link Following vulnerability in Trendmicro products
Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.
local
low complexity
trendmicro CWE-59
7.8
2021-06-03 CVE-2021-32460 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Maximum Security 2021 17.0
The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine.
local
low complexity
trendmicro CWE-732
7.8
2021-02-10 CVE-2021-25251 Code Injection vulnerability in Trendmicro products
The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection.
network
low complexity
trendmicro CWE-94
7.2