Lucene search

K

Trend Micro Worry-Free Business Security Services Security Vulnerabilities

cve
cve

CVE-2023-41179

A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation. Note that.....

7.2CVSS

7.4AI Score

0.009EPSS

2023-09-19 02:15 PM
213
In Wild
cve
cve

CVE-2022-36336

A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an...

7.8CVSS

7.6AI Score

0.0004EPSS

2022-07-30 12:15 AM
27
4
cve
cve

CVE-2022-24678

An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location....

7.5CVSS

7.4AI Score

0.004EPSS

2022-02-24 03:15 AM
78
cve
cve

CVE-2022-24680

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and...

7.8CVSS

7.9AI Score

0.0004EPSS

2022-02-24 03:15 AM
70
cve
cve

CVE-2022-24679

A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in....

7.8CVSS

7.9AI Score

0.0004EPSS

2022-02-24 03:15 AM
71
cve
cve

CVE-2021-45442

A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the...

7.1CVSS

6.8AI Score

0.0004EPSS

2022-01-10 02:10 PM
20
cve
cve

CVE-2021-45440

A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the...

7.8CVSS

7.6AI Score

0.0004EPSS

2022-01-10 02:10 PM
16
cve
cve

CVE-2021-45441

A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a specially crafted file to issue commands over a certain pipe and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to.....

7.8CVSS

7.7AI Score

0.0004EPSS

2022-01-10 02:10 PM
20
cve
cve

CVE-2021-45231

A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on....

7.8CVSS

7.8AI Score

0.0004EPSS

2022-01-10 02:10 PM
16
cve
cve

CVE-2021-44024

A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the...

7.1CVSS

6.9AI Score

0.0004EPSS

2022-01-10 02:10 PM
18
cve
cve

CVE-2021-42104

Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-10-21 08:15 AM
21
cve
cve

CVE-2021-42108

Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute...

7.8CVSS

7.8AI Score

0.0004EPSS

2021-10-21 08:15 AM
21
cve
cve

CVE-2021-42105

Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-10-21 08:15 AM
18
cve
cve

CVE-2021-42107

Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-10-21 08:15 AM
19
cve
cve

CVE-2021-23139

A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected...

7.5CVSS

7.4AI Score

0.001EPSS

2021-10-21 08:15 AM
19
cve
cve

CVE-2021-42012

A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code.....

7.8CVSS

7.9AI Score

0.0004EPSS

2021-10-21 08:15 AM
19
cve
cve

CVE-2021-42106

Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the...

7.8CVSS

7.7AI Score

0.0004EPSS

2021-10-21 08:15 AM
19
cve
cve

CVE-2021-3848

An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a...

5.5CVSS

5.9AI Score

0.0004EPSS

2021-10-06 10:15 AM
20
cve
cve

CVE-2021-32464

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to...

7.8CVSS

7.8AI Score

0.0004EPSS

2021-08-04 07:15 PM
42
5
cve
cve

CVE-2021-25249

An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first...

7.8CVSS

7.5AI Score

0.0004EPSS

2021-02-04 08:15 PM
34
5
cve
cve

CVE-2021-25248

An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow an attacker to disclose sensitive information about a named pipe. Please note: an attacker must first...

5.5CVSS

5.3AI Score

0.0004EPSS

2021-02-04 08:15 PM
37
3
cve
cve

CVE-2020-24559

A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as...

7.8CVSS

7.7AI Score

0.001EPSS

2020-09-01 07:15 PM
24
cve
cve

CVE-2020-24556

A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and...

7.8CVSS

7.9AI Score

0.001EPSS

2020-09-01 07:15 PM
30
cve
cve

CVE-2020-24558

A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product. An attacker must first obtain the ability to execute....

7.1CVSS

7.2AI Score

0.0004EPSS

2020-09-01 07:15 PM
26