Multiple vulnerabilities in Trend Micro Worry-Free Business Security



Published: 2021-12-29 | Updated: 2022-01-06
Risk Low
Patch available YES
Number of vulnerabilities 4
CVE-ID CVE-2021-44024
CVE-2021-45231
CVE-2021-45440
CVE-2021-45442
CWE-ID CWE-59
CWE-250
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe
Worry-Free Business Security
Client/Desktop applications / Software for system administration

Vendor Trend Micro

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Link following

EUVDB-ID: #VU59107

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-44024

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure link following. A local user can create a specially crafted symbolic link and overwrite arbitrary files with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Worry-Free Business Security: 10 SP1 Patch 2203 - 10.0 SP1 B2190

External links

http://success.trendmicro.com/solution/000289996


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Link following

EUVDB-ID: #VU59108

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45231

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insecure link following. A local user can create a specially crafted symbolic link and overwrite arbitrary files with arbitrary content. Successful exploitation of the vulnerability may result in execution of arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Worry-Free Business Security: 10 SP1 Patch 2203 - 10.0 SP1 B2190

External links

http://success.trendmicro.com/solution/000289996


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Execution with unnecessary privileges

EUVDB-ID: #VU59109

Risk: Low

CVSSv3.1: 6.1 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45440

CWE-ID: CWE-250 - Execution with Unnecessary Privileges

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to execution of.code with unnecessary privileges A local low-privileged user can run a specially crafted program to abuse an impersonation privilege and execute arbitrary code with elevated privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Worry-Free Business Security: 10 SP1 Patch 2203 - 10.0 SP1 B2190

External links

http://success.trendmicro.com/solution/000289996


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Link following

EUVDB-ID: #VU59111

Risk: Low

CVSSv3.1: 5.3 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-45442

CWE-ID: CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure link following. A local user can create a specially crafted symbolic link and overwrite arbitrary files with SYSTEM privileges.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Worry-Free Business Security: 10 SP1 Patch 2203 - 10.0 SP1 B2190

External links

http://success.trendmicro.com/solution/000289996


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###