7.8
CVE-2025-53503
- EPSS 0.21%
- Veröffentlicht 10.07.2025 18:59:17
- Zuletzt bearbeitet 03.10.2025 00:44:15
- Quelle security@trendmicro.com
- CVE-Watchlists
- Unerledigt
Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Trendmicro ≫ Cleaner One SwEditionpro SwPlatformwindows Version < 6.8.333
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.21% | 0.114 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@trendmicro.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-64 Windows Shortcut Following (.LNK)
The product, when opening a file or directory, does not sufficiently handle when the file is a Windows shortcut (.LNK) whose target is outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://helpcenter.trendmicro.com/en-us/article/tmka-12951