Trend Micro Endpoint security products for enterprises vulnerable to privilege escalation


Trend Micro Incorporated has released security updates for Endpoint security products for enterprises.

Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of the solution through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc.
  • Apex One On Premise (2019)
  • Apex One as a Service
  • Worry-Free Business Security 10 SP1
  • Worry-Free Business Security Services


An attacker may obtain administrative privileges and an arbitrary file may be created. As a result, the product may fall into a denial-of-service (DoS) condition.

[Apply the Patch]
Apply the appropriate patch according to the information provided by the developer.
Vendor Information

Trend Micro, Inc.
CWE (What is CWE?)

CVE (What is CVE?)


  1. JVN : JVNVU#92842857
Revision History

  • [2021/10/26]
      Web page was published