cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-41179,https://securityvulnerability.io/vulnerability/CVE-2023-41179,Arbitrary Command Execution in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability exists in the third-party antivirus uninstaller module within Trend Micro Apex One and Worry-Free Business Security that allows an attacker with administrative console access to manipulate the module. This could enable the attacker to execute arbitrary commands on the compromised system, potentially leading to further exploitation or system compromise. It is essential for users of affected Trend Micro products to assess their security configurations and ensure they have appropriate access controls in place to mitigate this risk.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-Free Business Security,Trend Micro Worry-Free Business Security Services",7.2,HIGH,0.0465800017118454,true,2023-09-21T00:00:00.000Z,true,false,true,2023-09-21T00:00:00.000Z,,false,false,,2023-09-19T14:15:00.000Z,0
CVE-2022-36336,https://securityvulnerability.io/vulnerability/CVE-2022-36336,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents allows local attackers to escalate their privileges on affected installations. This could lead to unauthorized access or manipulation of sensitive information. Trend Micro has resolved this issue through an automatic update via ActiveUpdate, ensuring that customers running the latest detection patterns remain protected without requiring further action.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-30T00:15:00.000Z,0
CVE-2022-24680,https://securityvulnerability.io/vulnerability/CVE-2022-24680,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Security Solutions,"This vulnerability allows a local attacker to exploit a security flaw in Trend Micro Apex One and related products. By creating a mount point, an attacker can leverage this issue for arbitrary folder deletion, which enables them to escalate privileges on affected installations. Importantly, successful exploitation requires that the attacker already has the ability to execute low-privileged code on the target system. This makes it essential for organizations using affected products to apply appropriate security measures and updates.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-02-24T02:45:52.000Z,0
CVE-2022-24679,https://securityvulnerability.io/vulnerability/CVE-2022-24679,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Security Products,"A local privilege escalation vulnerability in Trend Micro's Apex One and Worry-Free Business Security products could allow an attacker to create a writable folder in an arbitrary location. Exploiting this vulnerability requires prior access to execute low-privileged code on the target system, potentially enabling the attacker to escalate their privileges and gain greater control over the affected installations.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-02-24T02:45:51.000Z,0
CVE-2022-24678,https://securityvulnerability.io/vulnerability/CVE-2022-24678,Denial-of-Service Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A resource exhaustion denial-of-service vulnerability exists in Trend Micro Apex One and Worry-Free Business Security products. An attacker can exploit this weakness by flooding a temporary log location, resulting in the consumption of all available disk space on affected systems. This can render the system non-functional, interrupting critical security operations.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.5,HIGH,0.012040000408887863,false,,false,false,false,,,false,false,,2022-02-24T02:45:49.000Z,0
CVE-2022-23805,https://securityvulnerability.io/vulnerability/CVE-2022-23805,Out-of-Bounds Read Vulnerability in Trend Micro Worry-Free Business Security Server,"The vulnerability in Trend Micro Worry-Free Business Security Server allows local attackers with low-privileged code execution capabilities to exploit an out-of-bounds read issue. By sending malformed data to a specific named pipe, an attacker can cause the server to crash, potentially leading to information disclosure. It is crucial for organizations to evaluate their systems and apply necessary patches to mitigate the risk associated with this vulnerability.",Trend Micro,Trend Micro Worry-free Business Security,7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-02-04T22:32:58.000Z,0
CVE-2021-44024,https://securityvulnerability.io/vulnerability/CVE-2021-44024,Link Following Denial-of-Service Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability in Trend Micro's Apex One and Worry-Free Business Security products allows a local attacker to exploit a link following denial-of-service weakness. This exploit can lead to arbitrary file overwriting in the context of SYSTEM privileges. To execute this attack, an attacker must first have the capability to run low-privileged code on the affected system, thereby elevating their access rights and compromising system integrity.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-10T14:10:00.000Z,0
CVE-2021-45440,https://securityvulnerability.io/vulnerability/CVE-2021-45440,Local Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability in Trend Micro Apex One and Worry-Free Business Security allows local attackers to escalate their privileges by exploiting an impersonation flaw. To execute this attack, an attacker must first gain access to execute low-privileged code on the affected system, leveraging this access to increase their privileges to a potentially dangerous level.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-10T14:10:00.000Z,0
CVE-2021-45231,https://securityvulnerability.io/vulnerability/CVE-2021-45231,Link Following Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A critical security flaw exists in Trend Micro Apex One (both on-premises and SaaS) and in the Worry-Free Business Security product line. This vulnerability enables a local attacker with low privileges to exploit a specially crafted file that could lead to arbitrary content processing. The exploitation requires the attacker to already have access to execute low-privileged code on the system, thus posing risks to system integrity and security.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-10T14:10:00.000Z,0
CVE-2021-45442,https://securityvulnerability.io/vulnerability/CVE-2021-45442,Denial-of-Service Vulnerability in Worry-Free Business Security by Trend Micro,"A denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on premise only) may enable a local attacker to overwrite arbitrary files with SYSTEM privileges. Prior to exploiting this vulnerability, an attacker must gain access to execute low-privileged code on the targeted system. This flaw poses a risk similar to other CVEs and necessitates immediate attention from organizations utilizing this software to mitigate potential exploitation.",Trend Micro,Trend Micro Worry-free Business Security,7.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-10T14:10:00.000Z,0
CVE-2021-44020,https://securityvulnerability.io/vulnerability/CVE-2021-44020,Privilege Escalation Vulnerability in Trend Micro Worry-Free Business Security,"A local attacker with access to execute low-privileged code on affected installations of Trend Micro Worry-Free Business Security 10.0 SP1 can exploit an unnecessary privilege vulnerability. This could result in unauthorized access to higher-level permissions, allowing the attacker to manipulate system functions and potentially compromise the security of the targeted system. This issue is closely related to other vulnerabilities in the same family but has distinct characteristics.",Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-12-03T10:50:11.000Z,0
CVE-2021-44021,https://securityvulnerability.io/vulnerability/CVE-2021-44021,Privilege Escalation Vulnerability in Trend Micro Worry-Free Business Security,"A security issue exists in Trend Micro Worry-Free Business Security 10.0 SP1 that may allow a local attacker to escalate privileges on compromised systems. To exploit this vulnerability, the attacker must first have the ability to execute low-privileged code on the target system. This vulnerability shares similarities with other recently discovered issues, making it crucial for users to apply security measures and stay informed on updates.",Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-12-03T10:50:11.000Z,0
CVE-2021-44019,https://securityvulnerability.io/vulnerability/CVE-2021-44019,Privilege Escalation Vulnerability in Trend Micro Worry-Free Business Security,"An unnecessary privilege vulnerability exists in Trend Micro Worry-Free Business Security 10.0 SP1, allowing local attackers to escalate their privileges on vulnerable installations. Attackers must first execute low-privileged code to exploit the flaw, which may lead to unauthorized access and control over affected systems. This vulnerability shares similarities with others like CVE-2021-44020 and CVE-2021-44021 but is distinctly categorized.",Trend Micro,Trend Micro Worry-free Business Security,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-12-03T10:50:10.000Z,0
CVE-2021-42108,https://securityvulnerability.io/vulnerability/CVE-2021-42108,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"The Web Console of Trend Micro's Apex One, Apex One as a Service, and Worry-Free Business Security 10.0 SP1 has a vulnerability that allows a local attacker to escalate privileges. This weakness requires the attacker first to execute low-privileged code on the affected system. If exploited, the vulnerability can lead to unauthorized control over the system and its resources, highlighting the need for immediate patching and proper access controls.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:11.000Z,0
CVE-2021-42107,https://securityvulnerability.io/vulnerability/CVE-2021-42107,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A privilege escalation vulnerability exists in Trend Micro's Apex One and Worry-Free Business Security products, allowing local attackers to gain elevated permissions on compromised systems. To exploit this vulnerability, attackers must have initial access to execute low-privilege code. It is important to note that this vulnerability shares similarities with other related vulnerabilities, but each presents unique exploitation characteristics. Users are advised to apply recommended security updates to mitigate risks associated with potential exploitation.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:10.000Z,0
CVE-2021-42106,https://securityvulnerability.io/vulnerability/CVE-2021-42106,Unnecessary Privilege Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability exists in Trend Micro Apex One and related products that may allow a local attacker to escalate privileges. Successful exploitation requires the attacker to have already gained access to execute low-privileged code on the target system. This vulnerability is comparable to several others identified by Trend Micro, but is distinct in its details and potential impact.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:09.000Z,0
CVE-2021-42105,https://securityvulnerability.io/vulnerability/CVE-2021-42105,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A vulnerability in Trend Micro's Apex One and Worry-Free Business Security products enables a local attacker to escalate privileges on systems running the affected software. To exploit this vulnerability, the attacker must have prior access to execute low-privileged code on the target system. This issue highlights the importance of maintaining strict access controls and monitoring for unauthorized code execution, as it could lead to further system compromises.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:08.000Z,0
CVE-2021-42104,https://securityvulnerability.io/vulnerability/CVE-2021-42104,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"Trend Micro's Apex One and Worry-Free Business Security products are susceptible to privilege escalation vulnerabilities. A local attacker, having already gained the ability to execute low-privileged code, may exploit this vulnerability to elevate their privileges on the system. Affected versions include Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services. It is crucial for users to review their installations and apply necessary updates to mitigate potential risks associated with this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:07.000Z,0
CVE-2021-42012,https://securityvulnerability.io/vulnerability/CVE-2021-42012,Stack-Based Buffer Overflow in Trend Micro Apex One and Worry-Free Business Security,"A stack-based buffer overflow vulnerability exists in Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security 10.0 SP1. This flaw allows a local attacker, already possessing low-privileged access to the system, to escalate privileges and potentially gain greater control over affected installations. Addressing this vulnerability is crucial to maintain system integrity and security.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-10-21T07:46:03.000Z,0
CVE-2021-23139,https://securityvulnerability.io/vulnerability/CVE-2021-23139,Null Pointer Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"An identified null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 can be exploited to crash the CGI program on affected systems. This could potentially disrupt service and lead to data inaccessibility for users. Organizations should take immediate steps to implement vendor-recommended updates to mitigate this risk and ensure their security posture remains robust. For further details, please refer to Trend Micro's official resources.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.5,HIGH,0.0011399999493733048,false,,false,false,false,,,false,false,,2021-10-21T07:46:02.000Z,0
CVE-2021-3848,https://securityvulnerability.io/vulnerability/CVE-2021-3848,Arbitrary File Creation and Privilege Escalation in Trend Micro Apex One,"This vulnerability in Trend Micro's Apex One and Worry-Free Business Security products allows a local attacker to create arbitrary files with elevated privileges. By exploiting this issue, an attacker who has already executed low-privileged code on a target machine can perform actions that may disrupt service, potentially leading to a denial-of-service situation. Proper mitigation and system updates are essential to safeguard against these types of threats.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-10-06T09:50:57.000Z,0
CVE-2021-32464,https://securityvulnerability.io/vulnerability/CVE-2021-32464,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A privilege escalation vulnerability exists in Trend Micro's Apex One, Apex One as a Service, and Worry-Free Business Security Services, allowing an attacker to modify a specific script prior to its execution. To exploit this vulnerability, an attacker must first have the ability to execute low-privileged code on the target system, enabling unauthorized modifications that could compromise system integrity.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-08-04T18:29:36.000Z,0
CVE-2021-36742,https://securityvulnerability.io/vulnerability/CVE-2021-36742,Improper Input Validation in Trend Micro Apex One and OfficeScan Products,"An improper input validation vulnerability exists in various Trend Micro products, including Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1. This flaw allows local attackers who possess the capability to execute low-privileged code on the targeted system to escalate their privileges. Effective remediation strategies should be implemented to safeguard against potential exploitation of this vulnerability.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",7.8,HIGH,0.0013699999544769526,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2021-07-29T19:23:14.000Z,0
CVE-2021-36741,https://securityvulnerability.io/vulnerability/CVE-2021-36741,Improper Input Validation Vulnerability in Trend Micro Apex One Products,"An improper input validation issue exists in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1. This vulnerability allows remote attackers, after gaining access to the management console, to upload arbitrary files to affected installations, potentially leading to further exploitation. Proper management and access controls are essential to mitigate this risk.",Trend Micro,"Trend Micro Apex One,Trend Micro Officescan,Trend Micro Worry-free Business Security",8.8,HIGH,0.14893999695777893,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,,false,false,,2021-07-29T19:23:13.000Z,0
CVE-2021-32463,https://securityvulnerability.io/vulnerability/CVE-2021-32463,Privilege Escalation Vulnerability in Trend Micro Apex One and Worry-Free Business Security,"A denial-of-service vulnerability exists in specific versions of Trend Micro's Apex One and Worry-Free Business Security products due to improper permission assignments. This issue can be exploited by local attackers who first gain the ability to execute low-privileged code on a compromised system. By successfully executing this exploit, attackers could escalate their privileges, allowing them to delete important system files, which could severely disrupt operations and compromise the integrity of the affected installations.",Trend Micro,"Trend Micro Apex One,Trend Micro Worry-free Business Security",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-07-20T11:09:57.000Z,0