VYPR

Apex One as a Service

by Trend Micro

CVEs (43)

  • CVE-2021-42101HigOct 21, 2021
    risk 0.51cvss 7.8epss 0.00

    An uncontrolled search path element vulnerabilities in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in…

  • CVE-2021-42011HigOct 21, 2021
    risk 0.51cvss 7.8epss 0.00

    An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

  • CVE-2021-32464HigAug 4, 2021
    risk 0.51cvss 7.8epss 0.01

    An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain…

  • CVE-2021-28645HigApr 13, 2021
    risk 0.51cvss 7.8epss 0.01

    An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged…

  • CVE-2021-25253HigApr 13, 2021
    risk 0.51cvss 7.8epss 0.02

    An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain…

  • CVE-2021-25250HigApr 13, 2021
    risk 0.51cvss 7.8epss 0.01

    An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to…

  • CVE-2022-40141HigSep 19, 2022
    risk 0.49cvss 7.5epss 0.01

    A vulnerability in Trend Micro Apex One and Apex One as a Service could allow an attacker to intercept and decode certain communication strings that may contain some identification attributes of a particular Apex One server.

  • CVE-2022-24678HigFeb 24, 2022
    risk 0.49cvss 7.5epss 0.02

    An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow an attacker to flood a…

  • CVE-2022-40143HigSep 19, 2022
    risk 0.47cvss 7.3epss 0.00

    A link following local privilege escalation vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service servers could allow a local attacker to abuse an insecure directory that could allow a low-privileged user to run arbitrary code with elevated privileges.…

  • CVE-2023-32555HigJun 26, 2023
    risk 0.46cvss 7.0epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2023-32554HigJun 26, 2023
    risk 0.46cvss 7.0epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: a local attacker must first obtain the ability to execute low-privileged code on…

  • CVE-2022-44651HigDec 12, 2022
    risk 0.46cvss 7.0epss 0.00

    A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the…

  • CVE-2022-45797HigDec 12, 2022
    risk 0.46cvss 7.1epss 0.01

    An arbitrary file deletion vulnerability in the Damage Cleanup Engine component of Trend Micro Apex One and Trend Micro Apex One as a Service could allow a local attacker to escalate privileges and delete files on affected installations. Please note: an attacker must first…

  • CVE-2021-25246MedFeb 4, 2021
    risk 0.42cvss 6.5epss 0.02

    An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make…

  • CVE-2024-36306MedJun 10, 2024
    risk 0.40cvss 6.1epss 0.01

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service Damage Cleanup Engine could allow a local attacker to create a denial-of-service condition on affected installations. Please note: an attacker must first obtain the ability to execute…

  • CVE-2023-32556MedJun 26, 2023
    risk 0.36cvss 5.5epss 0.00

    A link following vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to disclose sensitive information. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to…

  • CVE-2022-44648MedDec 12, 2022
    risk 0.36cvss 5.5epss 0.01

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-44647MedDec 12, 2022
    risk 0.36cvss 5.5epss 0.01

    An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2022-40140MedSep 19, 2022
    risk 0.36cvss 5.5epss 0.00

    An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2021-3848MedOct 6, 2021
    risk 0.36cvss 5.5epss 0.00

    An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1, and Worry-Free Business Security Services could allow a local attacker to create an arbitrary file with higher privileges that…