Trendmicro Worry-free Business Security Services — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Worry-free Business Security Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (25)
CVE-2025-49154 — CVSS 8.7 (high): An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker…
CVE-2022-36336 — CVSS 7.8 (high): A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local…
CVE-2022-24679 — CVSS 7.8 (high): A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro…
CVE-2021-45440 — CVSS 7.8 (high): A unnecessary privilege vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security 10.0 SP1 (on-prem versions only)…
CVE-2021-45441 — CVSS 7.8 (high): A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a local attacker drop and manipulate a…
CVE-2020-24556 — CVSS 7.8 (high): A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services…
CVE-2022-24680 — CVSS 7.8 (high): A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro…
CVE-2020-24559 — CVSS 7.8 (high): A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow…
CVE-2021-42012 — CVSS 7.8 (high): A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could…
CVE-2021-42104 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42105 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42106 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42107 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and Worry-Free…
CVE-2021-42108 — CVSS 7.8 (high): Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security…
CVE-2021-45231 — CVSS 7.8 (high): A link following privilege escalation vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security…
CVE-2025-53378 — CVSS 7.6 (high): A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an…
CVE-2022-24678 — CVSS 7.5 (high): An security agent resource exhaustion denial-of-service vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend…
CVE-2021-23139 — CVSS 7.5 (high): A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI…
CVE-2021-44024 — CVSS 7.1 (high): A link following denial-of-service vulnerability in Trend Micro Apex One (on-prem and SaaS) and Trend Micro Worry-Free Business Security…
CVE-2020-24558 — CVSS 7.1 (high): A vulnerability in an Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow…
CVE-2021-45442 — CVSS 7.1 (high): A link following denial-of-service vulnerability in Trend Micro Worry-Free Business Security (on prem only) could allow a local attacker to…
CVE-2025-49487 — CVSS 6.8 (medium): An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an…
CVE-2016-1224 — CVSS 6.1 (medium): CRLF injection vulnerability in Trend Micro Worry-Free Business Security Service 5.x and Worry-Free Business Security 9.0 allows remote…
CVE-2016-1223 — CVSS 5.3 (medium): Directory traversal vulnerability in Trend Micro Office Scan 11.0, Worry-Free Business Security Service 5.x, and Worry-Free Business…