CVE-2021-25249

Summary

An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security (10.0 SP1 and Services) could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Trend MicroTrend Micro Apex One2019, SaaSaffected
Trend MicroTrend Micro OfficeScanXG SP1affected
Trend MicroTrend Micro Worry-Free Business Security10.0 SP1, Services (SaaS)affected

Weaknesses

  • Out-of-Bounds Write Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References