Vulnerability Description
The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and disable protection. An attacker must already have administrator privileges on the machine to exploit this vulnerability.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Trendmicro | Antivirus\+ Security 2020 | 16.0 |
| Trendmicro | Antivirus\+ Security 2021 | 17.0 |
| Trendmicro | Internet Security 2020 | 16.0 |
| Trendmicro | Internet Security 2021 | 17.0 |
| Trendmicro | Maximum Security 2020 | 16.0 |
| Trendmicro | Maximum Security 2021 | 17.0 |
| Trendmicro | Premium Security 2020 | 16.0 |
| Trendmicro | Premium Security 2021 | 17.0 |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://helpcenter.trendmicro.com/en-us/article/TMKA-10211Vendor Advisory
- https://helpcenter.trendmicro.com/en-us/article/TMKA-10211Vendor Advisory
FAQ
What is CVE-2021-25251?
CVE-2021-25251 is a vulnerability with a CVSS score of 7.2 (HIGH). The Trend Micro Security 2020 and 2021 families of consumer products are vulnerable to a code injection vulnerability which could allow an attacker to disable the program's password protection and dis...
How severe is CVE-2021-25251?
CVE-2021-25251 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-25251?
Check the references section above for vendor advisories and patch information. Affected products include: Trendmicro Antivirus\+ Security 2020, Trendmicro Antivirus\+ Security 2021, Trendmicro Internet Security 2020, Trendmicro Internet Security 2021, Trendmicro Maximum Security 2020.