CVE-2021-25246 vulnerability in TrendMicro Products
Published on February 4, 2021

An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and Worry-Free Business Security could allow an unauthenticated user to create a bogus agent on an affected server that could be used then make valid configuration queries.

NVD

Products Associated with CVE-2021-25246

Want to know whenever a new CVE is published for TrendMicro products? stack.watch will email you.

TrendMicro Apex One

TrendMicro Officescan

TrendMicro Worry Free Business Security

Affected Versions

Trend Micro Apex One:

Version 2019, SaaS is affected.

Trend Micro OfficeScan:

Version XG SP1 is affected.

Trend Micro Worry-Free Business Security:

Version 10.0 SP1 is affected.

Exploit Probability

EPSS

0.36%

Percentile

57.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-25246 vulnerability in TrendMicro ProductsPublished on February 4, 2021

Products Associated with CVE-2021-25246

Affected Versions

Exploit Probability

CVE-2021-25246 vulnerability in TrendMicro Products
Published on February 4, 2021