Skip to main content

Maximum Security 2022

6 CVEs product

Monthly

CVE-2025-52521 HIGH PATCH This Week

Trend Micro Security 17.8 for consumer platforms contains a local privilege escalation vulnerability via improper symlink handling (CWE-64: Improper Link Resolution Before File Access) that allows a local attacker with limited privileges to delete or modify critical Trend Micro system files without user interaction. The vulnerability affects Trend Micro Security 17.8 specifically and carries a CVSS 3.1 score of 7.8 (High) with local attack vector; KEV status, EPSS score, and active exploitation data are not provided in available sources, limiting real-world risk quantification.

Privilege Escalation Trend Micro Path Traversal Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49385 HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.

Privilege Escalation Trend Micro Windows Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-49384 HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. This vulnerability carries a CVSS 7.8 high severity rating due to high impact on confidentiality, integrity, and availability; however, real-world exploitability depends on KEV status, EPSS probability data, and proof-of-concept availability, which are not provided in the available intelligence.

Privilege Escalation Trend Micro Path Traversal Maximum Security 2022
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2024-32849 HIGH This Week

Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Maximum Security 2022 Maximum Security 2023
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-28929 HIGH This Week

Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Trend Micro Antivirus Security 2021 Internet Security 2021 Maximum Security 2021 +9
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-30687 HIGH This Week

Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Maximum Security 2022
NVD
CVSS 3.1
7.1
EPSS
0.4%
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Trend Micro Security 17.8 for consumer platforms contains a local privilege escalation vulnerability via improper symlink handling (CWE-64: Improper Link Resolution Before File Access) that allows a local attacker with limited privileges to delete or modify critical Trend Micro system files without user interaction. The vulnerability affects Trend Micro Security 17.8 specifically and carries a CVSS 3.1 score of 7.8 (High) with local attack vector; KEV status, EPSS score, and active exploitation data are not provided in available sources, limiting real-world risk quantification.

Privilege Escalation Trend Micro Path Traversal +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits insecure link following to allow a low-privileged local attacker to delete privileged Trend Micro files, potentially compromising the security product's integrity. With a CVSS score of 7.8 and low attack complexity (AC:L), this vulnerability poses a significant risk to consumer systems where privilege escalation could disable or corrupt critical security components. No active exploitation (KEV status) or public POC has been reported at this time, but the low barrier to exploitation (local access with low privileges required) warrants prompt patching.

Privilege Escalation Trend Micro Windows +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation vulnerability in Trend Micro Security 17.8 (Consumer) that exploits improper link following (symlink/junction attack) to allow a low-privileged local attacker to delete privileged Trend Micro system files without user interaction. This vulnerability carries a CVSS 7.8 high severity rating due to high impact on confidentiality, integrity, and availability; however, real-world exploitability depends on KEV status, EPSS probability data, and proof-of-concept availability, which are not provided in the available intelligence.

Privilege Escalation Trend Micro Path Traversal +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Trend Micro Security 17.x (Consumer) is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Maximum Security 2022 +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Trend Micro Security 2021, 2022, and 2023 (Consumer) are vulnerable to a DLL Hijacking vulnerability which could allow an attacker to use a specific executable file as an execution and/or persistence. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Trend Micro Antivirus Security 2021 +11
NVD
EPSS 0% CVSS 7.1
HIGH This Week

Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the product's secure erase feature to delete arbitrary. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Trend Micro Information Disclosure Maximum Security 2022
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy