Lucene search

K
cve[email protected]CVE-2022-33158
HistoryJul 30, 2022 - 12:15 a.m.

CVE-2022-33158

2022-07-3000:15:08
CWE-552
web.nvd.nist.gov
39
2
cve-2022-33158
trend micro
vpn
proxy pro
vulnerability
privilege escalation
nvd

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system.

Affected configurations

NVD
Node
trendmicrovpn_proxy_one_proRange5.2.1026
AND
microsoftwindowsMatch-

CNA Affected

[
  {
    "product": "Trend Micro VPN Proxy One Pro (Consumer)",
    "vendor": "Trend Micro",
    "versions": [
      {
        "status": "affected",
        "version": "5.2.1026 and below"
      }
    ]
  }
]

Social References

More

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.6 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

Related for CVE-2022-33158