CVE-2021-25249

🗓️ 04 Feb 2021 19:36:52Reported by trendmicroType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 61 Views

Out-of-bounds write info disclosure vulnerability in Trend Micro Apex One, OfficeScan XG SP1, and Worry-Free Business Securit

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2021-25249	4 Feb 202122:34	–	circl
CNNVD	多款Trend Micro产品缓冲区错误漏洞	4 Feb 202100:00	–	cnnvd
CNVD	Buffer Overflow Vulnerability in Multiple Trend Micro Products	5 Feb 202100:00	–	cnvd
Cvelist	CVE-2021-25249	4 Feb 202119:36	–	cvelist
EUVD	EUVD-2021-12160	7 Oct 202500:30	–	euvd
NVD	CVE-2021-25249	4 Feb 202120:15	–	nvd
OSV	CVE-2021-25249	4 Feb 202120:15	–	osv
Prion	Information disclosure	4 Feb 202120:15	–	prion
RedhatCVE	CVE-2021-25249	22 May 202518:25	–	redhatcve
Zero Day Initiative	Trend Micro Apex One TmCCSF Out-Of-Bounds Write Privilege Escalation Vulnerability	29 Jan 202100:00	–	zdi

NVD

Node

trendmicro apex_oneMatch2019

trendmicro officescanMatchxgsp1

trendmicro worry-free_business_securityMatch10.0sp1

AND

microsoft windowsMatch-

[
  {
    "product": "Trend Micro Apex One",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "2019, SaaS"
      }
    ]
  },
  {
    "product": "Trend Micro OfficeScan",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "XG SP1"
      }
    ]
  },
  {
    "product": "Trend Micro Worry-Free Business Security",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "10.0 SP1, Services (SaaS)"
      }
    ]
  }
]

Source	Link
success	www.success.trendmicro.com/solution/000284202
success	www.success.trendmicro.com/solution/000284205
success	www.success.trendmicro.com/solution/000284206
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-21-119/

21 Nov 2024 05:54Current

7.5High risk

Vulners AI Score7.5

CVSS 27.2

CVSS 3.17.8

EPSS0.0008

CWE-787