Vulnerability Details CVE-2021-32462
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.174
EPSS Ranking 94.7%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
Products affected by CVE-2021-32462
-
cpe:2.3:a:trendmicro:password_manager:-
-
cpe:2.3:a:trendmicro:password_manager:3.0
-
cpe:2.3:a:trendmicro:password_manager:3.5
-
cpe:2.3:a:trendmicro:password_manager:3.6
-
cpe:2.3:a:trendmicro:password_manager:3.7
-
cpe:2.3:a:trendmicro:password_manager:3.7.0.1223
-
cpe:2.3:a:trendmicro:password_manager:3.8
-
cpe:2.3:a:trendmicro:password_manager:3.8.0.1052
-
cpe:2.3:a:trendmicro:password_manager:3.8.0.1103
-
cpe:2.3:a:trendmicro:password_manager:5.0
-
cpe:2.3:a:trendmicro:password_manager:5.0.0.1076
-
cpe:2.3:a:trendmicro:password_manager:5.0.0.1081
-
cpe:2.3:a:trendmicro:password_manager:5.0.0.1217
-
cpe:2.3:o:microsoft:windows:-