Trendmicro Maximum Security 2022 vulnerabilities

CVE-2025-52521 [HIGH] CWE-64 CVE-2025-52521: Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vu Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

CVE-2025-49384 [HIGH] CWE-64 CVE-2025-49384: Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vu Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

CVE-2025-49385 [HIGH] CWE-64 CVE-2025-49385: Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vu Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

CVE-2024-32849 [HIGH] CWE-269 CVE-2024-32849: Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that coul Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

CVE-2023-28929 [HIGH] CWE-427 CVE-2023-28929: Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence mechanism which could execute a malicious program each time the executable file is started.

CVE-2022-48191 [HIGH] CWE-367 CVE-2022-48191: A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to a specific location and in the process of removal and restoral an attacker could replace an original folder with a mount point to an arbitrary location, allowing a escalation of privileges on an affected system.

CVE-2022-30687 [HIGH] CWE-59 CVE-2022-30687: Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary files.