First published: Thu Feb 04 2021(Updated: )
An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain information about x86 agent hotfixes.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | =2019 | |
Trendmicro Officescan | =xg-sp1 | |
Trendmicro Worry-free Business Security | =10.0-sp1 | |
Microsoft Windows | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-25239 is a vulnerability that allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex One.
This vulnerability can be exploited by remote attackers without the need for authentication.
The affected software includes Trend Micro Apex One 2019, Trend Micro Trend Micro Apex One and Worry-Free Business Security 2019, Trendmicro Officescan XG SP1, and Trendmicro Worry-free Business Security 10.0 SP1.
The severity of CVE-2021-25239 is medium, with a severity value of 5.3.
To fix CVE-2021-25239, it is recommended to apply the necessary security patches provided by Trend Micro.