CVE-2021-32460

The Trend Micro Maximum Security 2021 (v17) consumer product is vulnerable to an improper access control vulnerability in the installer which could allow a local attacker to escalate privileges on a target machine. Please note than an attacker must already have local user privileges and access on the machine to exploit this vulnerability.

Published: Jun 3, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-32460
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
trendmicro / maximum_security_2021	17.0	17.0.x

https://helpcenter.trendmicro.com/en-us/article/TMKA-10336
https://www.zerodayinitiative.com/advisories/ZDI-21-603/

Vulnerability Database

289,871

CVE-2021-32460