Description

Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.

Related CPE's

a

trendmicro

maximum_security_2019

15.0

Vulnerable

a

trendmicro

maximum_security_2020

16.0

Vulnerable

a

trendmicro

maximum_security_2021

2

a

trendmicro

security_for_best_buy

2021

Vulnerable

o

microsoft

windows

-

References

https://helpcenter.trendmicro.com/en-us/article/tmka-10568

PatchVendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-1052/

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary
CWE-59

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-09-06T12:15:08.040

3 years ago

Last modified

2022-07-12T17:42:04.277

3 years ago