Trendmicro Worry-free Business Security — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Worry-free Business Security, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (58)
CVE-2019-18189 — CVSS 9.8 (critical): A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5, 10.0) may allow…
CVE-2020-8600 — CVSS 9.8 (critical): Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker…
CVE-2020-8598 — CVSS 9.8 (critical): Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file…
CVE-2008-2433 — CVSS 9.8 (critical): The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite…
CVE-2025-49154 — CVSS 8.7 (high): An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker…
CVE-2021-44019 — CVSS 7.8 (high): An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate…
CVE-2020-24556 — CVSS 7.8 (high): A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services…
CVE-2020-24559 — CVSS 7.8 (high): A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow…
CVE-2021-25249 — CVSS 7.8 (high): An out-of-bounds write information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free…
CVE-2021-32463 — CVSS 7.8 (high): An incorrect permission assignment denial-of-service vulnerability in Trend Micro Apex One, Apex One as a Service (SaaS), Worry-Free…
CVE-2021-42012 — CVSS 7.8 (high): A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could…
CVE-2021-42104 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42105 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42106 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42107 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42108 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security…
CVE-2021-44020 — CVSS 7.8 (high): An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate…
CVE-2021-44021 — CVSS 7.8 (high): An unnecessary privilege vulnerability in Trend Micro Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate…
CVE-2021-45231 — CVSS 7.8 (high): A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security…
CVE-2021-45440 — CVSS 7.8 (high): A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only)…
CVE-2021-45441 — CVSS 7.8 (high): A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a…
CVE-2022-24679 — CVSS 7.8 (high): A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro…
CVE-2022-24680 — CVSS 7.8 (high): A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro…
CVE-2022-36336 — CVSS 7.8 (high): A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local…
CVE-2022-24678 — CVSS 7.5 (high): An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend…
CVE-2021-23139 — CVSS 7.5 (high): A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI…
CVE-2019-9489 — CVSS 7.5 (high): A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions…
CVE-2020-8470 — CVSS 7.5 (high): Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file…
CVE-2020-28574 — CVSS 7.5 (high): A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could…
CVE-2020-24558 — CVSS 7.1 (high): A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow…
CVE-2021-45442 — CVSS 7.1 (high): A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to…
CVE-2022-23805 — CVSS 7.1 (high): A security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local…
CVE-2021-44024 — CVSS 7.1 (high): A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security…
CVE-2018-6218 — CVSS 7.0 (high): A DLL Hijacking vulnerability in Trend Micro's User-Mode Hooking Module (UMH) could allow an attacker to run arbitrary code on a vulnerable…
CVE-2021-25246 — CVSS 6.5 (medium): An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG SP1, and…
CVE-2016-1224 — CVSS 6.1 (medium): CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote…
CVE-2021-25248 — CVSS 5.5 (medium): An out-of-bounds read information disclosure vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free…
CVE-2021-3848 — CVSS 5.5 (medium): An arbitrary file creation by privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service, Worry-Free Business…
CVE-2021-25252 — CVSS 5.5 (medium): Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) - are vulnerable to a memory exhaustion vulnerability that may…
CVE-2021-25244 — CVSS 5.3 (medium): An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various…
CVE-2016-1223 — CVSS 5.3 (medium): Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business…
CVE-2021-25228 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25231 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25233 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25234 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25236 — CVSS 5.3 (medium): A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security…
CVE-2021-25238 — CVSS 5.3 (medium): An improper access control information disclosure vulnerability in Trend Micro OfficeScan XG SP1 and Worry-Free Business Security 10.0 SP1…
CVE-2021-25239 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem), OfficeScan XG SP1, and Worry-Free Business Security 10.0 SP1…
CVE-2021-25240 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25241 — CVSS 5.3 (medium): A server-side request forgery (SSRF) information disclosure vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1…
CVE-2021-25242 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25243 — CVSS 5.3 (medium): An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan XG SP1, and Worry-Free Business Security…
CVE-2021-25245 — CVSS 5.3 (medium): An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an unauthenticated user to obtain various…