CyberSec.Space Logo
Back to CVE Browser

CVE-2021-36742

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score61.2460%
EPSS Percentile96.78th
PublishedJul 29, 2021
Last ModifiedOct 31, 2025

Vulnerability Description

A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected Platforms (CPE)

πŸ“¦
Trendmicro

Officescan

= xg
πŸ“¦
Trendmicro

Officescan Business Security

= 10.0
πŸ“¦
Trendmicro

Apex One

= 2019
πŸ“¦
Trendmicro

Worry Free Business Security

= 10.0

References & Advisories

πŸ”— https://success.trendmicro.com/jp/solution/000287796
πŸ”— https://success.trendmicro.com/jp/solution/000287815
πŸ”— https://success.trendmicro.com/solution/000287819
πŸ”— https://success.trendmicro.com/solution/000287820
πŸ”— https://success.trendmicro.com/jp/solution/000287796
πŸ”— https://success.trendmicro.com/jp/solution/000287815
πŸ”— https://success.trendmicro.com/solution/000287819
πŸ”— https://success.trendmicro.com/solution/000287820

Related Vulnerabilities

CVE-2007-345410.0

Stack-based buffer overflow in CGIOCommon.dll before 8.0.0.1042 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote atta...

CVE-2007-345510.0

cgiChkMasterPwd.exe before 8.0.0.142 in Trend Micro OfficeScan Corporate Edition 8.0 allows remote attackers to bypass the passwor...

CVE-2006-138110.0

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local use...

CVE-2008-243710.0

Stack-based buffer overflow in cgiRecvFile.exe in Trend Micro OfficeScan 7.3 patch 4 build 1362 and other builds, OfficeScan 8.0 a...