Vulnerability Details CVE-2021-25252
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 20.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.9
References
Products affected by CVE-2021-25252
-
cpe:2.3:a:trendmicro:apex_central:2019
-
cpe:2.3:a:trendmicro:apex_one:-
-
cpe:2.3:a:trendmicro:apex_one:2019
-
cpe:2.3:a:trendmicro:cloud_edge:5.0
-
cpe:2.3:a:trendmicro:control_manager:7.0
-
cpe:2.3:a:trendmicro:deep_discovery_analyzer:5.1
-
cpe:2.3:a:trendmicro:deep_discovery_email_inspector:2.5
-
cpe:2.3:a:trendmicro:deep_discovery_inspector:3.8
-
cpe:2.3:a:trendmicro:deep_security:10.0
-
cpe:2.3:a:trendmicro:deep_security:11.0
-
cpe:2.3:a:trendmicro:deep_security:12.0
-
cpe:2.3:a:trendmicro:deep_security:20.0
-
cpe:2.3:a:trendmicro:interscan_messaging_security_virtual_appliance:9.1
-
cpe:2.3:a:trendmicro:interscan_web_security_virtual_appliance:6.5
-
cpe:2.3:a:trendmicro:officescan:-
-
cpe:2.3:a:trendmicro:portal_protect:2.6
-
cpe:2.3:a:trendmicro:safe_lock:1.1
-
cpe:2.3:a:trendmicro:scanmail:14.0
-
cpe:2.3:a:trendmicro:scanmail_for_ibm_domino:5.8
-
cpe:2.3:a:trendmicro:serverprotect:5.8
-
cpe:2.3:a:trendmicro:serverprotect_for_network_appliance_filers:5.8
-
cpe:2.3:a:trendmicro:serverprotect_for_storage:6.0
-
cpe:2.3:a:trendmicro:worry-free_business_security:10.1
-
cpe:2.3:h:emc:celerra_network_attached_storage:-
-
cpe:2.3:o:apple:macos:-
-
cpe:2.3:o:linux:linux_kernel:-
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:netapp:cluster_data_ontap:-
-
cpe:2.3:o:novell:netware:-