CVE-2021-28645
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/04/2021
Last modified:
14/04/2021
Description
An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
7.20
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:* | ||
cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:saas:*:*:* | ||
cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page