CVE-2021-43772

Vulnerability

Trend Micro Security 2021 consumer products (Premium Security, Maximum Security, Internet Security, and Antivirus+ Security) version 17 and below contain a vulnerability that permits files inside the protected Folder Shield folder to be modified without detection. The Folder Shield feature is designed to protect user-designated folders from unauthorized changes. The issue affects all language editions on Microsoft Windows. [1]

Exploitation

An attacker with local access and low privileges can modify files within the Folder Shield protected folder without triggering any detection by the product. The vulnerability requires no user interaction and can be exploited at the local machine level. The exact sequence of steps has not been publicly detailed, but the advisory confirms that no validations prevent file modification under certain conditions. [1]

Impact

Successful exploitation allows an attacker to modify files inside the protected folder, potentially altering victim data or introducing malicious content without the user's knowledge. The CIA impact is limited to integrity (no confidentiality or availability impact), and the CVSS score is 5.5. As of the disclosure date, Trend Micro has received no reports of active exploitation. [1]

Mitigation

Trend Micro released version 2022 (v17.7) on November 29, 2021 to resolve this vulnerability. Users should update all affected Trend Micro Security 2021 products to version 17.7 or later. No workarounds have been identified. [1]