CVE-2021-42011: 
Trend Micro Apex One Agent vulnerability analysis and mitigation

An incorrect permission assignment vulnerability was discovered in Trend Micro Apex One and Apex One as a Service (CVE-2021-42011). The vulnerability could allow a local attacker to load a DLL with escalated privileges on affected installations. The vulnerability was disclosed on October 21, 2021 (NVD, ZDI Advisory).

The specific flaw exists within the ApexOne Security Agent. The issue results from incorrect permissions set on a resource used by the service. The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. The weakness has been classified as CWE-276 (Incorrect Default Permissions) (NVD, ZDI Advisory).

If successfully exploited, this vulnerability allows an attacker to escalate privileges and execute arbitrary code in the context of SYSTEM. However, it's important to note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability (ZDI Advisory).

Trend Micro has issued an update to correct this vulnerability. Users are advised to apply the patch available through the vendor's security advisory (Trend Micro Advisory).