Vulnerabilities > Trendmicro > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-10 CVE-2021-45442 Link Following vulnerability in Trendmicro products
A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM.
local
low complexity
trendmicro CWE-59
7.1
2021-12-16 CVE-2021-44023 Link Following vulnerability in Trendmicro products
A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.
local
low complexity
trendmicro CWE-59
7.1
2021-12-03 CVE-2021-44019 Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.8
2021-12-03 CVE-2021-44020 Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.8
2021-12-03 CVE-2021-44021 Improper Privilege Management vulnerability in Trendmicro Worry-Free Business Security 10.0
An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-269
7.8
2021-11-30 CVE-2021-43771 Unspecified vulnerability in Trendmicro Antivirus 11.0/11.0.2062/11.0.2150
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application.
local
low complexity
trendmicro
7.8
2021-10-21 CVE-2021-23139 NULL Pointer Dereference vulnerability in Trendmicro products
A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations.
network
low complexity
trendmicro CWE-476
7.5
2021-10-21 CVE-2021-42011 Incorrect Default Permissions vulnerability in Trendmicro Apex ONE 2019
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations.
local
low complexity
trendmicro CWE-276
7.8
2021-10-21 CVE-2021-42012 Out-of-bounds Write vulnerability in Trendmicro products
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-787
7.8
2021-10-21 CVE-2021-42101 Uncontrolled Search Path Element vulnerability in Trendmicro Apex ONE 2019
An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-427
7.8