Vulnerabilities > Trendmicro

DATE CVE VULNERABILITY TITLE RISK
2022-01-20 CVE-2022-23120 Code Injection vulnerability in Trendmicro Deep Security Agent 20.0
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root.
local
low complexity
trendmicro CWE-94
7.8
2022-01-10 CVE-2021-44024 Link Following vulnerability in Trendmicro products
A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM.
local
low complexity
trendmicro CWE-59
7.1
2022-01-10 CVE-2021-45231 Link Following vulnerability in Trendmicro products
A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system.
local
low complexity
trendmicro CWE-59
7.8
2022-01-10 CVE-2021-45440 Improper Privilege Management vulnerability in Trendmicro products
A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges.
local
low complexity
trendmicro CWE-269
7.8
2022-01-10 CVE-2021-45441 Origin Validation Error vulnerability in Trendmicro products
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges.
local
low complexity
trendmicro CWE-346
7.8
2022-01-10 CVE-2021-45442 Link Following vulnerability in Trendmicro products
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM.
local
low complexity
trendmicro CWE-59
7.1
2021-12-16 CVE-2021-44023 Link Following vulnerability in Trendmicro products
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.
local
low complexity
trendmicro CWE-59
7.1
2021-12-03 CVE-2021-43772 Files or Directories Accessible to External Parties vulnerability in Trendmicro products
Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
local
low complexity
trendmicro CWE-552
5.5
2021-12-03 CVE-2021-44019 Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.8
2021-12-03 CVE-2021-44020 Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.8