cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-41179,https://securityvulnerability.io/vulnerability/CVE-2023-41179,Arbitrary Command Execution in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability exists in the third-party antivirus uninstaller module within Trend Micro Apex One and Worry-Free Business Security that allows an attacker with administrative console access to manipulate the module. This could enable the attacker to execute arbitrary commands on the compromised system, potentially leading to further exploitation or system compromise. It is essential for users of affected Trend Micro products to assess their security configurations and ensure they have appropriate access controls in place to mitigate this risk.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-Free Business Security,Trend Micro Worry-Free Business Security Services",7.2,HIGH,0.0465800017118454,true,true,false,true,,false,false,2023-09-19T14:15:00.000Z,0
CVE-2022-36336,https://securityvulnerability.io/vulnerability/CVE-2022-36336,,A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue.,Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-07-30T00:15:00.000Z,0
CVE-2022-24680,https://securityvulnerability.io/vulnerability/CVE-2022-24680,,"A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create a mount point and leverage this for arbitrary folder deletion, leading to escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-02-24T02:45:52.000Z,0
CVE-2022-24679,https://securityvulnerability.io/vulnerability/CVE-2022-24679,,"A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local attacker to create an writable folder in an arbitrary location and escalate privileges affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-02-24T02:45:51.000Z,0
CVE-2022-24678,https://securityvulnerability.io/vulnerability/CVE-2022-24678,,"An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a temporary log location and consume all disk space on affected installations.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.5,HIGH,0.012040000408887863,false,false,false,false,,false,false,2022-02-24T02:45:49.000Z,0
CVE-2022-23805,https://securityvulnerability.io/vulnerability/CVE-2022-23805,,A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,Trend Micro Worry-free Business Security,7.1,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-02-04T22:32:58.000Z,0
CVE-2021-45231,https://securityvulnerability.io/vulnerability/CVE-2021-45231,,A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to create a specially crafted file with arbitrary content which could grant local privilege escalation on the affected system. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-01-10T14:10:00.000Z,0
CVE-2021-44024,https://securityvulnerability.io/vulnerability/CVE-2021-44024,,A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.1,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-01-10T14:10:00.000Z,0
CVE-2021-45440,https://securityvulnerability.io/vulnerability/CVE-2021-45440,,A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only) could allow a local attacker to abuse an impersonation privilege and elevate to a higher level of privileges. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.,Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-01-10T14:10:00.000Z,0
CVE-2021-45442,https://securityvulnerability.io/vulnerability/CVE-2021-45442,,"A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to overwrite arbitrary files in the context of SYSTEM. This is similar to, but not the same as CVE-2021-44024. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,Trend Micro Worry-free Business Security,7.1,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2022-01-10T14:10:00.000Z,0
CVE-2021-44021,https://securityvulnerability.io/vulnerability/CVE-2021-44021,,An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44020.,Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-12-03T10:50:11.000Z,0
CVE-2021-44020,https://securityvulnerability.io/vulnerability/CVE-2021-44020,,An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.,Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-12-03T10:50:11.000Z,0
CVE-2021-44019,https://securityvulnerability.io/vulnerability/CVE-2021-44019,,An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44020 and 44021.,Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-12-03T10:50:10.000Z,0
CVE-2021-42108,https://securityvulnerability.io/vulnerability/CVE-2021-42108,,"Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:11.000Z,0
CVE-2021-42107,https://securityvulnerability.io/vulnerability/CVE-2021-42107,,"Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42106.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:10.000Z,0
CVE-2021-42106,https://securityvulnerability.io/vulnerability/CVE-2021-42106,,"Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42105 and 42107.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:09.000Z,0
CVE-2021-42105,https://securityvulnerability.io/vulnerability/CVE-2021-42105,,"Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42104, 42106 and 42107.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:08.000Z,0
CVE-2021-42104,https://securityvulnerability.io/vulnerability/CVE-2021-42104,,"Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-42105, 42106 and 42107.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:07.000Z,0
CVE-2021-42012,https://securityvulnerability.io/vulnerability/CVE-2021-42012,,"A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-10-21T07:46:03.000Z,0
CVE-2021-23139,https://securityvulnerability.io/vulnerability/CVE-2021-23139,,A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations.,Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.5,HIGH,0.0011399999493733048,false,false,false,false,,false,false,2021-10-21T07:46:02.000Z,0
CVE-2021-3848,https://securityvulnerability.io/vulnerability/CVE-2021-3848,,"An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that could lead to a denial-of-service (DoS) on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2021-10-06T09:50:57.000Z,0
CVE-2021-32464,https://securityvulnerability.io/vulnerability/CVE-2021-32464,,"An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-08-04T18:29:36.000Z,0
CVE-2021-36742,https://securityvulnerability.io/vulnerability/CVE-2021-36742,,"A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",7.8,HIGH,0.0013699999544769526,true,false,false,true,,false,false,2021-07-29T19:23:14.000Z,0
CVE-2021-36741,https://securityvulnerability.io/vulnerability/CVE-2021-36741,,"An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product�s management console in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",8.8,HIGH,0.14893999695777893,true,false,false,true,,false,false,2021-07-29T19:23:13.000Z,0
CVE-2021-32463,https://securityvulnerability.io/vulnerability/CVE-2021-32463,,"An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free Business Security 10.0 SP1 and Worry-Free Servgices could allow a local attacker to escalate privileges and delete files with system privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2021-07-20T11:09:57.000Z,0