Vulnerability in Trend Micro VPN Allows Elevation of Privileges
CVE-2024-41183
7.8HIGH
Key Information:
- Vendor
- Trend Micro
- Vendor
- CVE Published:
- 22 October 2024
Summary
An arbitrary file overwrite vulnerability has been identified in Trend Micro VPN versions up to 5.8.1012. When exploited under specific conditions, this vulnerability may allow attackers to overwrite files on the target system, potentially leading to elevation of privileges. Organizations using impacted versions of the software should review their configurations and apply necessary patches to mitigate the risks associated with this vulnerability.
Affected Version(s)
Trend Micro VPN (consumer) 5.8 < 5.8.1030
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published