Lucene search
Michael DePlante (@izobashi) of Trend Micro's Zero Day InitiativeZDI-21-1536HistoryDec 14, 2021 - 12:00 a.m.
Trend Micro Maximum Security Link Following Denial-of-Service Vulnerability
2021-12-1400:00:00
Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative
www.zerodayinitiative.com
16
trend micro
maximum security
dos
vulnerability
link following
local attackers
low-privileged code
platinum host service
symbolic link
file overwrite
EPSS
0.001
Percentile
26.9%
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Platinum Host Service. By creating a symbolic link, an attacker can abuse the service to overwrite a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
Related
nvd
nvd
CVE-2021-44023
2021-12-16 03:15:10
cnvd
cnvd
Trend Micro Security Backlink Vulnerability (CNVD-2021-103666)
2021-12-17 00:00:00
cvelist
cvelist
CVE-2021-44023
2021-12-16 02:28:35
prion
prion
Design/Logic Flaw
2021-12-16 03:15:00
cve
cve
CVE-2021-44023
2021-12-16 03:15:10