cvelistv5 - cve-2021-36742

cve-2021-36742

Vulnerability from cvelistv5

Published

2021-07-29 19:23

Modified

2024-08-04 01:01

Severity ?

Summary

A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

References

URL	Tags
security@trendmicro.com	https://success.trendmicro.com/jp/solution/000287796	Vendor Advisory
security@trendmicro.com	https://success.trendmicro.com/jp/solution/000287815	Vendor Advisory
security@trendmicro.com	https://success.trendmicro.com/solution/000287819	Vendor Advisory
security@trendmicro.com	https://success.trendmicro.com/solution/000287820	Vendor Advisory

Impacted products

▼	Vendor	Product
	Trend Micro	Trend Micro Apex One
	Trend Micro	Trend Micro OfficeScan
	Trend Micro	Trend Micro Worry-Free Business Security

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

Date added: 2021-11-03

Due date: 2021-11-17

Required action: Apply updates per vendor instructions.

Used in ransomware: Unknown

Notes: https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2021-36742

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T01:01:59.398Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000287819"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/solution/000287820"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/000287796"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://success.trendmicro.com/jp/solution/000287815"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Trend Micro Apex One",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "2019, SaaS"
            }
          ]
        },
        {
          "product": "Trend Micro OfficeScan",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "XG SP1"
            }
          ]
        },
        {
          "product": "Trend Micro Worry-Free Business Security",
          "vendor": "Trend Micro",
          "versions": [
            {
              "status": "affected",
              "version": "10.0 SP1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Local Privilege Escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-29T19:23:14",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000287819"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/solution/000287820"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/000287796"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://success.trendmicro.com/jp/solution/000287815"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2021-36742",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Trend Micro Apex One",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2019, SaaS"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro OfficeScan",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "XG SP1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Trend Micro Worry-Free Business Security",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "10.0 SP1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Trend Micro"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Local Privilege Escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://success.trendmicro.com/solution/000287819",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000287819"
            },
            {
              "name": "https://success.trendmicro.com/solution/000287820",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/solution/000287820"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/000287796",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/000287796"
            },
            {
              "name": "https://success.trendmicro.com/jp/solution/000287815",
              "refsource": "MISC",
              "url": "https://success.trendmicro.com/jp/solution/000287815"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2021-36742",
    "datePublished": "2021-07-29T19:23:14",
    "dateReserved": "2021-07-14T00:00:00",
    "dateUpdated": "2024-08-04T01:01:59.398Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-36742",
      "cwes": "[\"CWE-20\"]",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://success.trendmicro.com/dcx/s/solution/000287819?language=en_US, https://success.trendmicro.com/dcx/s/solution/000287820?language=en_US; https://nvd.nist.gov/vuln/detail/CVE-2021-36742",
      "product": "Apex One, Apex One as a Service, and Worry-Free Business Security",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Trend Micro Apex One, Apex One as a Service, and Worry-Free Business Security contain an improper input validation vulnerability that allows for privilege escalation.",
      "vendorProject": "Trend Micro",
      "vulnerabilityName": "Trend Micro Multiple Products Improper Input Validation Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-36742\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2021-07-29T20:15:07.650\",\"lastModified\":\"2021-08-06T16:44:57.420\",\"vulnStatus\":\"Analyzed\",\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2021-11-17\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Trend Micro Multiple Products Improper Input Validation Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de comprobaci\u00f3n de entrada inapropiada en Trend Micro Apex One, Apex One as a Service, OfficeScan XG y Worry-Free Business Security versi\u00f3n 10.0 SP1, permite a un atacante local escalar privilegios en las instalaciones afectadas. Nota: un atacante debe obtener primero la habilidad de ejecutar c\u00f3digo poco privilegiado en el sistema objetivo para poder explotar esta vulnerabilidad\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":4.6},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"64600B42-4884-41F2-A683-AE1EDB79372E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:officescan_business_security:10.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"762313F8-2BA6-4ED7-A977-56C962D5B27F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF019D2D-C426-4D2D-A254-442CE777B41E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFCE8717-85D2-4F4F-91DF-C6DA341C4E19\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/jp/solution/000287796\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/jp/solution/000287815\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000287819\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://success.trendmicro.com/solution/000287820\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

cve-2021-36742

Vulnerability from jvndb

Published

2021-08-04 11:15

Modified

2021-08-04 11:15

Severity ?

7.8 (High) - cvssV3_0 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises

Details

Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below. * Incorrect Permission Assignment (CWE-732) - CVE-2021-32464 * Improper Preservation of Permissions (CWE-281) - CVE-2021-32465 * Improper Input Validation (CWE-20) - CVE-2021-36741 * Improper Input Validation (CWE-20) - CVE-2021-36742 Trend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.

References

▼	Type	URL
	JVN	https://jvn.jp/en/vu/JVNVU93876919/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32464
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32465
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36741
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36742
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-32464
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-32465
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-36742
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2021-36741
	JPCERT	https://www.jpcert.or.jp/at/2021/at210033.html
	CISA Known Exploited Vulnerabilities Catalog	https://cisa.gov/known-exploited-vulnerabilities-catalog
	Improper Input Validation(CWE-20)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
	Improper Preservation of Permissions(CWE-281)	http://cwe.mitre.org/data/definitions/281.html
	Incorrect Permission Assignment for Critical Resource(CWE-732)	https://cwe.mitre.org/data/definitions/732.html

Impacted products

▼	Vendor	Product
	Trend Micro, Inc.	Apex One
	Trend Micro, Inc.	Worry-Free Business Security
	Trend Micro, Inc.	Worry-Free Business Security Services

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
  "dc:date": "2021-08-04T11:15+09:00",
  "dcterms:issued": "2021-08-04T11:15+09:00",
  "dcterms:modified": "2021-08-04T11:15+09:00",
  "description": "Multiple Endpoint security products for enterprises provided by Trend Micro Incorporated contain multiple vulnerabilities listed below.\r\n\r\n* Incorrect Permission Assignment (CWE-732) - CVE-2021-32464\r\n* Improper Preservation of Permissions (CWE-281) - CVE-2021-32465\r\n* Improper Input Validation (CWE-20) - CVE-2021-36741\r\n* Improper Input Validation (CWE-20) - CVE-2021-36742\r\n\r\nTrend Micro Incorporated states that attacks against CVE-2021-36741 and CVE-2021-36742 have been observed.\r\n\r\nTrend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.",
  "link": "https://jvndb.jvn.jp/en/contents/2021/JVNDB-2021-002077.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:trendmicro:apex_one",
      "@product": "Apex One",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security",
      "@product": "Worry-Free Business Security",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:trendmicro:business_security_services",
      "@product": "Worry-Free Business Security Services",
      "@vendor": "Trend Micro, Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "7.2",
      "@severity": "High",
      "@type": "Base",
      "@vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2021-002077",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/vu/JVNVU93876919/index.html",
      "@id": "JVNVU#93876919",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32464",
      "@id": "CVE-2021-32464",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32465",
      "@id": "CVE-2021-32465",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36741",
      "@id": "CVE-2021-36741",
      "@source": "CVE"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36742",
      "@id": "CVE-2021-36742",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32464",
      "@id": "CVE-2021-32464",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-32465",
      "@id": "CVE-2021-32465",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36742",
      "@id": "CVE-2021-36742",
      "@source": "NVD"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2021-36741",
      "@id": "CVE-2021-36741",
      "@source": "NVD"
    },
    {
      "#text": "https://www.jpcert.or.jp/at/2021/at210033.html",
      "@id": "JPCERT-AT-2021-0033",
      "@source": "JPCERT"
    },
    {
      "#text": "https://cisa.gov/known-exploited-vulnerabilities-catalog",
      "@id": "CVE-2021-36741, CVE-2021-36742",
      "@source": "CISA Known Exploited Vulnerabilities Catalog"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-20",
      "@title": "Improper Input Validation(CWE-20)"
    },
    {
      "#text": "http://cwe.mitre.org/data/definitions/281.html",
      "@id": "CWE-281",
      "@title": "Improper Preservation of Permissions(CWE-281)"
    },
    {
      "#text": "https://cwe.mitre.org/data/definitions/732.html",
      "@id": "CWE-732",
      "@title": "Incorrect Permission Assignment for Critical Resource(CWE-732)"
    }
  ],
  "title": "Multiple vulnerabilities in multiple Trend Micro Endpoint security products for enterprises"
}

ghsa-h3hj-ff5j-498h

Vulnerability from github

Published

2022-05-24 19:09

Modified

2022-05-24 19:09

Details

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-36742"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-07-29T20:15:00Z",
    "severity": "HIGH"
  },
  "details": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
  "id": "GHSA-h3hj-ff5j-498h",
  "modified": "2022-05-24T19:09:17Z",
  "published": "2022-05-24T19:09:17Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-36742"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/jp/solution/000287796"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/jp/solution/000287815"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000287819"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/solution/000287820"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2021-36742

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-36742

Aliases

CVE-2021-36742

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-36742",
    "description": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
    "id": "GSD-2021-36742"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-36742"
      ],
      "details": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
      "id": "GSD-2021-36742",
      "modified": "2023-12-13T01:23:16.973654Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2021-36742",
      "dateAdded": "2021-11-03",
      "dueDate": "2021-11-17",
      "product": "Trend Micro Multiple Products",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.",
      "vendorProject": "Trend Micro",
      "vulnerabilityName": "Trend Micro Systems Multiple Products Buffer Overflow - Arbitrary File Upload"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@trendmicro.com",
        "ID": "CVE-2021-36742",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Trend Micro Apex One",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2019, SaaS"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Trend Micro OfficeScan",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "XG SP1"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Trend Micro Worry-Free Business Security",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "10.0 SP1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Trend Micro"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Local Privilege Escalation"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://success.trendmicro.com/solution/000287819",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/solution/000287819"
          },
          {
            "name": "https://success.trendmicro.com/solution/000287820",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/solution/000287820"
          },
          {
            "name": "https://success.trendmicro.com/jp/solution/000287796",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/jp/solution/000287796"
          },
          {
            "name": "https://success.trendmicro.com/jp/solution/000287815",
            "refsource": "MISC",
            "url": "https://success.trendmicro.com/jp/solution/000287815"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:trendmicro:officescan_business_security:10.0:sp1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:trendmicro:worry-free_business_security:10.0:sp1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@trendmicro.com",
          "ID": "CVE-2021-36742"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/jp/solution/000287796"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/000287819"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/solution/000287820"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://success.trendmicro.com/jp/solution/000287815"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-08-06T16:44Z",
      "publishedDate": "2021-07-29T20:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2021-36742

Vulnerability from cvelistv5

CISA Known exploited vulnerability

Data from the Known Exploited Vulnerabilities Catalog

cve-2021-36742

Vulnerability from jvndb

ghsa-h3hj-ff5j-498h

Vulnerability from github

gsd-2021-36742

Vulnerability from gsd

Tags

Sightings

Nomenclature