CVE-2021-32462
HIGHTrend Micro Password Manager < 5.0.0.1217 - Authenticated Remote Code Execution via Registry Manipulation
Title source: llmDescription
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://helpcenter.trendmicro.com/en-us/article/TMKA-10388
Third Party Advisory, VDB Entry x_refsource_misc
https://www.zerodayinitiative.com/advisories/ZDI-21-774/
Scores
CVSS v3
8.8
EPSS
0.1741
EPSS Percentile
95.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
Status
published
Products (1)
trendmicro/password_manager
< 5.0.0.1217
Published
Jul 08, 2021
Tracked Since
Feb 18, 2026