Incorrect permission assignment vulnerability in multiple Trend Micro Endpoint security products for enterprises


Trend Micro Incorporated has released a security update for multiple Endpoint security products for enterprises.

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solutions through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc.
  • Apex One 2019
  • Apex One SaaS
  • Worry-Free Business Security 10 SP1
  • Worry-Free Business Security Services


A local authenticated attacker may escalate privileges and delete arbitrary files where the agent is installed.
For more information, refer to the information provided by the developer.

[Apply the Patch]
Apply the appropriate patch according to the information provided by the developer.
Vendor Information

Trend Micro, Inc.
CWE (What is CWE?)

CVE (What is CVE?)


  1. JVN : JVNVU#90091573
Revision History

  • [2021/08/19]
      Web page was published