Back to search
CVE-2021-25253
Published: Apr 13, 2021
Modified: Aug 3, 2024
PUBLISHED
Description
An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
| Vendor | Product | Versions |
|---|---|---|
Trend Micro | Trend Micro Apex One | affected 2019, SaaS |
Trend Micro | Trend Micro OfficeScan | affected XG SP1 |
References
https://success.trendmicro.com/solution/000286019
x_refsource_MISC
https://success.trendmicro.com/solution/000286157
x_refsource_MISC
https://www.zerodayinitiative.com/advisories/ZDI-21-401/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now