CVE-2021-25252
MEDIUMTrend Micro's Virus Scan API/ATSE - Memory Corruption
Title source: llmDescription
Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may lead to denial-of-service or system freeze if exploited by an attacker using a specially crafted file.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://success.trendmicro.com/solution/000285675
Scores
CVSS v3
5.5
EPSS
0.0018
EPSS Percentile
38.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (23)
trendmicro/apex_central
2019
trendmicro/apex_one
2019
trendmicro/apex_one
trendmicro/cloud_edge
5.0
trendmicro/control_manager
7.0
trendmicro/deep_discovery_analyzer
5.1
trendmicro/deep_discovery_email_inspector
2.5
trendmicro/deep_discovery_inspector
3.8
trendmicro/deep_security
10.0
trendmicro/deep_security
11.0
... and 13 more
Published
Mar 03, 2021
Tracked Since
Feb 18, 2026