JVNDB-2021-005174

[Japanese]
JVNDB-2021-005174
Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)
Overview
Trend Micro Incorporated has released security updates for Trend Micro Security 2021 family (Consumer). Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
CVSS Severity (What is CVSS?)

Affected Products

Trend Micro, Inc. Antivirus + Security 2021 (v17) and earlier Trend Micro Maximum Security 2021 (v17) and earlier Trend Micro Premium Security 2021 (v17) and earlier Trend Micro Internet Security 2021 (v17) and earlier

Impact
Maximum Security 2021 * A user who can log in to the system where the affected product is installed may obtain the administrative privilege. As a result, arbitrary code may be executed on the system Premium Security 2021, Maximum Security 2021, Internet Security 2021 and Antivirus+ Security 2021 * An attacker may alter the files protected by Folder Shield function without being detected
Solution
[Update the software] Update the software to the latest version according to the information provided by the developer.
Vendor Information
Trend Micro, Inc. Trend Micro : Security Bulletin: Trend Micro Maximum Security 2021 (Consumer) Improper Access Control Local Privilege Escalation Vulnerability Trend Micro : SECURITY BULLETIN: Folder Shield protected folder bypass
CWE (What is CWE?)

CVE (What is CVE?)
CVE-2021-32460 CVE-2021-43772
References
JVN : JVNVU#98117192 National Vulnerability Database (NVD) : CVE-2021-32460 National Vulnerability Database (NVD) : CVE-2021-43772
Revision History
[2021/12/09] Web page was published


Date Public	2021/12/08
Date First Published	2021/12/09
Date Last Updated	2021/12/09

Multiple vulnerabilities in Trend Micro Security 2021 family (Consumer)