CVE-2021-44023

CWE-593 documents3 sources

Severity

7.1HIGH

EPSS

0.2%

top 56.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trendmicro Antivirus\+ Security 2021 Trendmicro Internet Security 2021 Trendmicro Maximum Security 2021 +2 more

Timeline

PublishedDec 16

Latest updateDec 17

Description

A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abuse the PC Health Checkup feature of the product to create symlinks that would allow modification of files which could lead to a denial-of-service.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages5 packages

▶NVDtrendmicro/maximum_security_202117.0

▶NVDtrendmicro/premium_security_202117.0

▶NVDtrendmicro/internet_security_202117.0

▶NVDtrendmicro/antivirus\+_security_202117.0

▶CVEListV5trend_micro/trend_micro_security_(consumer)2021 (v17)

🔴Vulnerability Details

GHSA

GHSA-jx33-88wc-7x75: A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abus↗2021-12-17

▶

CVEList

CVE-2021-44023: A link following denial-of-service (DoS) vulnerability in the Trend Micro Security (Consumer) 2021 familiy of products could allow an attacker to abus↗2021-12-16

▶