CVE-2021-25227

Опубликовано: 04 фев. 2021

Источник: nvd

CVSS3: 3.3

CVSS2: 1.9

EPSS Низкий

Описание

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability - i.e. the attacker must already have access to the target system (either legitimately or via another exploit).

Ссылки

https://helpcenter.trendmicro.com/en-us/article/TMKA-10191
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-102/
Third Party Advisory
VDB Entry
https://helpcenter.trendmicro.com/en-us/article/TMKA-10191
Patch
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-21-102/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:trendmicro:antivirus:9.0:*:*:*:*:macos:*:*

cpe:2.3:a:trendmicro:antivirus:10.0:*:*:*:*:macos:*:*

cpe:2.3:a:trendmicro:antivirus:10.5:*:*:*:*:macos:*:*

cpe:2.3:a:trendmicro:antivirus:11.0:*:*:*:*:macos:*:*

EPSS

Процентиль: 26%

0.00091

Низкий

3.3 Low

CVSS3

1.9 Low

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-j2x4-hphx-h7rg

github

больше 3 лет назад

Trend Micro Antivirus for Mac 2021 (Consumer) is vulnerable to a memory exhaustion vulnerability that could lead to disabling all the scanning functionality within the application. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability – i.e. the attacker must already have access to the target system (either legitimately or via another exploit).