A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Advisories
Source ID Title
EUVD EUVD EUVD-2021-23332 A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Thu, 13 Feb 2025 14:45:00 +0000

Type Values Removed Values Added
Weaknesses NVD-CWE-noinfo

Thu, 06 Feb 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2021-11-03'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: trendmicro

Published:

Updated: 2025-07-30T01:38:05.561Z

Reserved: 2021-07-14T00:00:00.000Z

Link: CVE-2021-36742

cve-icon Vulnrichment

Updated: 2024-08-04T01:01:59.398Z

cve-icon NVD

Status : Analyzed

Published: 2021-07-29T20:15:07.650

Modified: 2025-02-13T14:26:24.660

Link: CVE-2021-36742

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.