CVE-2021-44020

EPSS 0.3%

Vexday Risk Score

3Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

03 dic 2021Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to but not identical to CVE-2021-44019 and 44021.

Productos afectados

Trend Micro · Trend Micro Worry-Free Business Security

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://success.trendmicro.com/solution/000289230 https://www.zerodayinitiative.com/advisories/ZDI-21-1365/