Vulnerability in Trend Micro VPN Allows Elevation of Privileges
CVE-2024-41183

7.8HIGH

Key Information:

Vendor
CVE Published:
22 October 2024

Summary

An arbitrary file overwrite vulnerability has been identified in Trend Micro VPN versions up to 5.8.1012. When exploited under specific conditions, this vulnerability may allow attackers to overwrite files on the target system, potentially leading to elevation of privileges. Organizations using impacted versions of the software should review their configurations and apply necessary patches to mitigate the risks associated with this vulnerability.

Affected Version(s)

Trend Micro VPN (consumer) 5.8 < 5.8.1030

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

.