CVE-2021-25228

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One versions (affected versions not specified) Trend Micro OfficeScan XG SP1 Trend Micro Worry-Free Business Security 10.0 SP1

Description: The issue is related to improper access control, which could allow an unauthenticated user to obtain information about hotfix history. There is no information available about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations: For Trend Micro Apex One, update to a version that addresses the improper access control issue. For Trend Micro OfficeScan XG SP1, consider restricting access to sensitive information until a patch is available. For Trend Micro Worry-Free Business Security 10.0 SP1, avoid using the software until a fixed version is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.