CVE-2021-28645 vulnerability in TrendMicro Products
Published on April 13, 2021

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

NVD

Products Associated with CVE-2021-28645

stack.watch emails you whenever new vulnerabilities are published in TrendMicro Apex One or TrendMicro Officescan. Just hit a watch button to start following.

TrendMicro Apex One

TrendMicro Officescan

Affected Versions

Trend Micro Apex One:

Version 2019, SaaS is affected.

Trend Micro OfficeScan:

Version XG SP1 is affected.

Exploit Probability

EPSS

0.07%

Percentile

21.31%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-28645 vulnerability in TrendMicro ProductsPublished on April 13, 2021

Products Associated with CVE-2021-28645

Affected Versions

Exploit Probability

CVE-2021-28645 vulnerability in TrendMicro Products
Published on April 13, 2021