CVE-2021-25227 — Uncontrolled Resource Consumption in Micro Antivirus FOR MAC

CWE-400 — Uncontrolled Resource Consumption4 documents4 sources

Severity

3.3LOWNVD

EPSS

0.1%

top 74.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro Antivirus FOR MAC Trendmicro Antivirus

Timeline

PublishedFeb 4

Latest updateMay 24

Description

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit).

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

▶NVDtrendmicro/antivirus4 versions+3

▶CVEListV5trend_micro/trend_micro_antivirus_for_mac2021 (v11)

Patches

Patch: helpcenter.trendmicro.com ↗Patch: helpcenter.trendmicro.com ↗

🔴Vulnerability Details

GHSA

GHSA-j2x4-hphx-h7rg: Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functio↗2022-05-24

▶

CVEList

CVE-2021-25227: Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functio↗2021-02-04

▶