CVE-2021-28647
Severity CVSS v4.0:
Pending analysis
Type:
CWE-427
Uncontrolled Search Path Element
Publication date:
13/04/2021
Last modified:
14/04/2021
Description
Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.40
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:trendmicro:password_manager:*:*:*:*:*:windows:*:* | 5.0 (including) | 5.0.0.1217 (excluding) |
To consult the complete list of CPE names with products and versions, see this page