← Volver a CVEs

CVE-2021-32463

HIGH

7.8

Descripcion

An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Detalles CVE

Puntuacion CVSS v3.17.8

SeveridadHIGH

Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueLOCAL

ComplejidadLOW

Privilegios requeridosLOW

Interaccion usuarioNONE

Publicado7/20/2021

Ultima modificacion11/21/2024

Fuentenvd

Avistamientos honeypot0

Productos afectados

microsoft:windowstrendmicro:apex_onetrendmicro:worry-free_business_security

Debilidades (CWE)

CWE-732

Referencias

https://success.trendmicro.com/solution/000286855(security@trendmicro.com)

https://success.trendmicro.com/solution/000286856(security@trendmicro.com)

https://www.zerodayinitiative.com/advisories/ZDI-21-786/(security@trendmicro.com)

https://success.trendmicro.com/solution/000286855(af854a3a-2127-422b-91ae-364da2661108)

https://success.trendmicro.com/solution/000286856(af854a3a-2127-422b-91ae-364da2661108)

https://www.zerodayinitiative.com/advisories/ZDI-21-786/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.