Trend Micro

Trend Micro, a major cybersecurity software vendor, has a high-severity vulnerability (CVSS 7.0) that requires local access and low-level user privileges to exploit, with no user interaction needed, potentially compromising confidentiality, integrity, and availability of affected systems. The attack is localized to individual machines rather than being remotely exploitable, which somewhat limits its scope but still poses significant risk to users with valid system accounts. Security teams should monitor for patches when Trend Micro releases updates by the December 12, 2024 deadline and prioritize systems where untrusted users have local access.