CVE-2021-3848

Name of the Vulnerable Software and Affected Versions Trend Micro Apex One version 10.0 SP1 Trend Micro Apex One as a Service version 10.0 SP1 Trend Micro Worry-Free Business Security version 10.0 SP1 Trend Micro Worry-Free Business Security Services version 10.0 SP1

Description An arbitrary file creation by privilege escalation issue could allow a local attacker to create an arbitrary file with higher privileges, potentially leading to a denial-of-service (DoS) on affected installations. The attacker must first obtain the ability to execute low-privileged code on the target system to exploit this issue.

Recommendations For Trend Micro Apex One version 10.0 SP1, update to a version that includes a fix for this issue. For Trend Micro Apex One as a Service version 10.0 SP1, update to a version that includes a fix for this issue. For Trend Micro Worry-Free Business Security version 10.0 SP1, update to a version that includes a fix for this issue. For Trend Micro Worry-Free Business Security Services version 10.0 SP1, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to sensitive areas of the system to minimize the risk of exploitation.