PT-2021-17884 · Trend Micro · Trend Micro Antivirus For Mac

Wojciech Regula

Published

2021-04-15

Updated

2021-04-29

CVE-2021-28648

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Trend Micro Antivirus for Mac versions 10.5 through 11

Description: The issue is related to an improper access control privilege escalation that could allow an attacker to establish a connection, potentially leading to full local privilege escalation within the application. An attacker must first obtain the ability to execute low-privileged code on the target system to exploit this issue.

Recommendations: For versions 10.5 and 11, update to a version that includes the fix for the improper access control privilege escalation issue to prevent potential exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2021-28648

ZDI-21-420

Affected Products

Trend Micro Antivirus For Mac

PT-2021-17884 · Trend Micro · Trend Micro Antivirus For Mac

CVE-2021-28648

Related Identifiers

Affected Products

References · 4