JVNDB-2021-003385

[Japanese]
JVNDB-2021-003385
Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation
Overview
Trend Micro Incorporated has released security updates for Endpoint security products for enterprises. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc. Apex One On Premise (2019) Apex One as a Service Worry-Free Business Security 10 SP1 Worry-Free Business Security Services

Impact
An attacker may obtain administrative privileges and an arbitrary file may be created. As a result, the product may fall into a denial-of-service (DoS) condition.
Solution
[Apply the Patch] Apply the appropriate patch according to the information provided by the developer.
Vendor Information
Trend Micro, Inc. Trend Micro : SECURITY BULLETIN: Trend Micro Apex One and Worry-Free Business Security Arbitrary File Creation by Privilege Escalation Vulnerability
CWE (What is CWE?)

CVE (What is CVE?)

References
JVN : JVNVU#92842857
Revision History
[2021/10/26] Web page was published

Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation