CVE-2021-25227

3.3LOW

Key Information:

Vendor: Trend Micro
Status: Trend Micro Antivirus For Mac
Vendor: CVE Published:; 4 February 2021

Summary

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit).

Affected Version(s)

Trend Micro Antivirus for Mac 2021 (v11)

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-10191

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-21-102/

x_refsource_MISC

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2021
Vulnerability Reserved
Jan 15, 2021