Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security
CVE-2021-32464
7.8HIGH
Key Information:
- Vendor
- Trend Micro
- Vendor
- CVE Published:
- 4 August 2021
Summary
A privilege escalation vulnerability exists in Trend Micro's Apex One, Apex One as a Service, and Worry-Free Business Security Services, allowing an attacker to modify a specific script prior to its execution. To exploit this vulnerability, an attacker must first have the ability to execute low-privileged code on the target system, enabling unauthorized modifications that could compromise system integrity.
Affected Version(s)
Trend Micro Apex One 2019, SaaS
Trend Micro Worry-Free Business Security Services (SaaS)
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved