Cyber Resilience

CVE-2021-36744

High

Published: 06 September 2021

Published
06 September 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0023 45.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-36744 is a high-severity Link Following (CWE-59) vulnerability in Trendmicro Maximum Security 2021. Its CVSS base score is 7.8 (High).

Operationally, ranked at the 45.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Trend Micro Security (Consumer) 2021 and 2020 are vulnerable to a directory junction vulnerability which could allow an attacker to exploit the system to escalate privileges and create a denial of service.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

trendmicro
maximum security 2019
15.0
trendmicro
maximum security 2020
16.0
trendmicro
maximum security 2021
17.0, 17.2
trendmicro
security for best buy
2021

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References