Shodan
Vulnerabilities
Vulnerable Software
Trendmicro:  Security Vulnerabilities
CVE-2024-41183
Trend Micro VPN, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite under specific conditions that can lead to elevation of privileges.
CVSS Score
7.8
EPSS Score
0.002
Published
2024-10-22
CVE-2024-45334
Trend Micro Antivirus One versions 3.10.4 and below (Consumer) is vulnerable to an Arbitrary Configuration Update that could allow unauthorized access to product configurations and functions.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-10-22
CVE-2024-45335
Trend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted virus to allow itself to bypass and evade a virus scan detection.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-10-22
CVE-2024-39753
An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS Score
7.5
EPSS Score
0.046
Published
2024-10-22
CVE-2024-37289
An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-06-10
CVE-2024-36307
A security agent link following vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information about the agent on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-06-10
CVE-2024-36359
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVSS Score
5.4
EPSS Score
0.002
Published
2024-06-10
CVE-2024-36473
Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-06-10
CVE-2024-36302
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36303.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-06-10
CVE-2024-36303
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2024-36302.
CVSS Score
7.8
EPSS Score
0.001
Published
2024-06-10


Products
Pricing
Contact Us

Shodan ® - All rights reserved