Severity
High
Analysis Summary
CVE-2021-44021: CVE-2021-44020: CVE-2021-44019
Trend Micro Worry-Free Business Security could allow a locally authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Security Server. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute arbitrary code in the context of SYSTEM.
Impact
- Privilege Escalation
Affected Vendors
Trend Micro
Affected Products
- Trend Micro Worry-Free Business Security 10.0 SP1
- Trend Micro Worry-Free Business Security Services
Remediation
Refer to Trend Micro Security Advisory for patch, upgrade, or suggested workaround information.