Request a Demo
Rewterz
Rewterz Threat Alert – Troldesh Ransomware – Active IOCs
August 30, 2021
Rewterz
Rewterz Threat Alert – Orcus RAT – Active IOCs
August 31, 2021

Rewterz Threat Advisory –CVE-2021-36744 – Trend Micro Security Vulnerability

Severity

Medium

Analysis Summary

CVE-2021-36744

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Maximum Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Maximum Security Agent. By creating a directory junction, an attacker can abuse the service to delete a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.

Impact

  • Denial of Service
  • Code Execution

Affected Vendors

Trend Micro

Affected Products

  • Maximum Security

Remediation

Trend Micro has issued an update to correct this vulnerability. More details can be found at:

https://helpcenter.trendmicro.com/en-us/article/tmka-10568