Vulnerabilities > Trendmicro > Officescan > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-04 CVE-2021-32464 Incorrect Default Permissions vulnerability in Trendmicro Apex ONE and Officescan
An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed.
local
low complexity
trendmicro CWE-276
7.2
2021-07-29 CVE-2021-36741 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro products
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations.
network
low complexity
trendmicro CWE-434
8.8
2021-04-13 CVE-2021-28645 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Officescan
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-732
7.2
2021-04-13 CVE-2021-25253 Improper Privilege Management vulnerability in Trendmicro Apex ONE and Officescan
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.2
2021-04-13 CVE-2021-25250 Improper Privilege Management vulnerability in Trendmicro Apex ONE and Officescan
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.2
2021-02-04 CVE-2021-25249 Out-of-bounds Write vulnerability in Trendmicro Apex One, Officescan and Worry-Free Business Security
An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-787
7.2
2020-09-29 CVE-2020-24562 Improper Privilege Management vulnerability in Trendmicro Officescan XG
A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution.
local
low complexity
trendmicro CWE-269
7.2
2020-09-01 CVE-2020-24559 Link Following vulnerability in Trendmicro products
A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root.
local
low complexity
trendmicro CWE-59
7.2
2020-08-05 CVE-2020-8607 Improper Input Validation vulnerability in Trendmicro products
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode.
local
low complexity
trendmicro CWE-20
7.2
2017-10-06 CVE-2017-14089 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendmicro Officescan 11.0/12.0
An Unauthorized Memory Corruption vulnerability in Trend Micro OfficeScan 11.0 and XG may allow remote unauthenticated users who can access the OfficeScan server to target cgiShowClientAdm.exe and cause memory corruption issues.
network
low complexity
trendmicro CWE-119
7.5