CVE-2021-43771

Vulnerability

Trend Micro Antivirus for Mac 2021 v11 (Consumer) contains an improper access control vulnerability within the com.trendmicro.AFM.HelperTool component [1][2]. The issue allows a local attacker who has already obtained low-privileged code execution to bypass access controls and escalate privileges. Affected versions are all builds prior to 11.0.2163 [2].

Exploitation

An attacker must first gain the ability to execute low-privileged code on the target system [1][2]. No user interaction is required (CVSS:3.1/AV:L/AC:L/PR:L/UI:N). The attacker then exploits the improper access control in the HelperTool to establish a connection that leads to privilege escalation [1].

Impact

Successful exploitation grants the attacker full local privilege escalation within the application, allowing arbitrary code execution in the context of the root user [1]. This results in complete compromise of confidentiality, integrity, and availability of the affected system.

Mitigation

Trend Micro released a fix in version 11.0.2163 of Trend Micro Antivirus for Mac 2021 [2]. The update is delivered automatically via the product's ActiveUpdate mechanism. Users should ensure their software is updated to the latest version. No workarounds are documented. At the time of disclosure, no active exploitation was reported [2].