Vulnerabilities > Trendmicro > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-04 CVE-2021-32465 Improper Preservation of Permissions vulnerability in Trendmicro Apex ONE and Officescan
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations.
network
low complexity
trendmicro CWE-281
8.8
2021-07-29 CVE-2021-36741 Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro products
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations.
network
low complexity
trendmicro CWE-434
8.8
2021-07-29 CVE-2021-36742 Improper Input Validation vulnerability in Trendmicro products
A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations.
local
low complexity
trendmicro CWE-20
7.8
2021-07-20 CVE-2021-32463 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Apex ONE and Worry-Free Business Security
An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations.
local
low complexity
trendmicro CWE-732
7.8
2021-07-08 CVE-2021-32461 Incorrect Conversion between Numeric Types vulnerability in Trendmicro Password Manager
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations.
local
low complexity
trendmicro CWE-681
7.8
2021-07-08 CVE-2021-32462 Unspecified vulnerability in Trendmicro Password Manager
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations.
network
low complexity
trendmicro
8.8
2021-06-03 CVE-2021-32460 Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Maximum Security 2021 17.0
The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine.
local
low complexity
trendmicro CWE-732
7.8
2021-05-27 CVE-2021-32458 Out-of-bounds Write vulnerability in Trendmicro Home Network Security
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices.
local
low complexity
trendmicro CWE-787
7.8
2021-05-26 CVE-2021-32457 Out-of-bounds Write vulnerability in Trendmicro Home Network Security 6.1.567/6.6.604
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices.
local
low complexity
trendmicro CWE-787
7.8
2021-05-12 CVE-2021-28649 Incorrect Default Permissions vulnerability in Trendmicro Housecall for Home Networks 5.3.0.1063/5.3.1179
An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan.
local
low complexity
trendmicro CWE-276
7.3