CVE-2021-36741

CVSS 8.8 HIGH | EPSS 5.0% | KEV | CWE-434
Vexday Risk Score: 51 (Attention)
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 8.8 | EPSS 5.0% | KEV: yes | PoC | Nuclei | Metasploit | Patch
Lifecycle
29 Jul 2021: Published on NVD
03 Nov 2021: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A flaw in Trend Micro security products allows someone with console access to upload any file they want, bypassing safety checks. This is dangerous because it can lead to installing malicious code on protected systems.

Technical detail

Improper input validation in file upload functionality allows authenticated users with management console access to bypass file type restrictions and upload arbitrary files. This can facilitate remote code execution or system compromise on affected Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 installations.

Summary generated and translated by AI from the official description.
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to log on to the product's management console in order to exploit this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
