CVE-2021-28648

EPSS 0.08%
Published 22.04.2021 22:15:12
Last modified 21.11.2024 06:00:01
Source security@trendmicro.com
Teams watchlist Login
Open Login

Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection that could lead to full local privilege escalation within the application. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Trendmicro ≫ Antivirus SwPlatformmacos Version >= 10.5 < 10.5.2088

Trendmicro ≫ Antivirus SwPlatformmacos Version >= 11.0 < 11.0.2062

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.204

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

https://helpcenter.trendmicro.com/en-us/article/TMKA-10293

Patch

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-21-420/

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2021-28648

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-28648

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-28648

EUVD