Trend Micro OfficeScan 10 SP1 < 10 SP1 Patch 2329 Multiple Vulnerabilities (000287815)

high Nessus Plugin ID 154962

Synopsis

The remote host is running an application that is affected by multiple vulnerabilities.

Description

According to its self-reported version, the Trend Micro OfficeScan application running on the remote host is prior to 10 SP1 Patch 2329. It is, therefore, affected by multiple vulnerabilities:

- An improper input validation vulnerability has been identified in business security. This may allow you to upload arbitrary files remotely. An attacker would need to be able to log in to the product management console to exploit this vulnerability. (CVE-2021-36741)

- An improper input validation vulnerability has been identified in business security. This can lead to local privilege escalation. Exploitation of this vulnerability requires low-privileged code execution on the target system. (CVE-2021-36742)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to OfficeScan 10 SP1 Patch 2329 or later.

See Also

https://success.trendmicro.com/jp/solution/000287815

Plugin Details

Severity: High

ID: 154962

File Name: trendmicro_officescan_000287815.nasl

Version: 1.6

Type: remote

Agent: windows

Family: Windows

Published: 11/8/2021

Updated: 4/25/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS Score Source: CVE-2021-36741

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:trend_micro:officescan

Required KB Items: installed_sw/Trend Micro OfficeScan

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/29/2021

Vulnerability Publication Date: 7/29/2021

CISA Known Exploited Vulnerability Due Dates: 11/17/2021

Reference Information

CVE: CVE-2021-36741, CVE-2021-36742