First published: Thu Oct 21 2021(Updated: )
A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Credit: security@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Trendmicro Apex One | =2019 | |
Trendmicro Apex One | =2019 | |
Trendmicro Worry-free Business Security | =10.0-sp1 | |
Trendmicro Worry-free Business Security Services | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2021-42012 is high.
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit CVE-2021-42012.
Trend Micro Worry-Free Business Security, Trend Micro Trend Micro Apex One and Worry-Free Business Security, Trendmicro Worry-free Business Security, and Trendmicro Worry-free Business Security Services are affected by CVE-2021-42012.
To fix CVE-2021-42012, update to the latest version of Trend Micro Worry-Free Business Security.
You can find more information about CVE-2021-42012 at the following references: [Link 1](https://success.trendmicro.com/solution/000289229), [Link 2](https://success.trendmicro.com/solution/000289230), [Link 3](https://www.zerodayinitiative.com/advisories/ZDI-21-1221/)