Vulnerabilities > Trendmicro > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-24 | CVE-2022-24679 | Link Following vulnerability in Trendmicro products A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. | 7.8 |
2022-02-24 | CVE-2022-24680 | Link Following vulnerability in Trendmicro products A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. | 7.8 |
2022-02-24 | CVE-2022-25331 | Unspecified vulnerability in Trendmicro products Uncaught exceptions that can be generated in Trend Micro ServerProtection 6.0/5.8 Information Server could allow a remote attacker to crash the process. | 7.5 |
2022-02-04 | CVE-2022-23805 | Out-of-bounds Read vulnerability in Trendmicro Worry-Free Business Security 10.0 A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. | 7.1 |
2022-01-20 | CVE-2022-23119 | Path Traversal vulnerability in Trendmicro Deep Security Agent 20.0 A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. | 7.5 |
2022-01-20 | CVE-2022-23120 | Code Injection vulnerability in Trendmicro Deep Security Agent 20.0 A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. | 7.8 |
2022-01-10 | CVE-2021-44024 | Link Following vulnerability in Trendmicro products A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. | 7.1 |
2022-01-10 | CVE-2021-45231 | Link Following vulnerability in Trendmicro products A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. | 7.8 |
2022-01-10 | CVE-2021-45440 | Improper Privilege Management vulnerability in Trendmicro products A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. | 7.8 |
2022-01-10 | CVE-2021-45441 | Origin Validation Error vulnerability in Trendmicro products A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. | 7.8 |