CVE-2021-32462
Summary
| CVE | CVE-2021-32462 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-07-08 11:15:00 UTC |
| Updated | 2021-07-23 19:58:00 UTC |
| Description | Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Microsoft | Windows | - | All | All | All |
| Application | Trendmicro | Password Manager | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Bulletin: June 2021 Security Bulletin for Trend Micro Password Manager · Trend Micro for Home | MISC | helpcenter.trendmicro.com | |
| ZDI-21-774 | Zero Day Initiative | MISC | www.zerodayinitiative.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.