CVE-2024-36473

medium

Description

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to local Denial of Service (DoS) and under specific conditions can lead to elevation of privileges.

References

https://www.zerodayinitiative.com/advisories/ZDI-24-585/

https://helpcenter.trendmicro.com/en-us/article/tmka-07247

Details

Source: Mitre, NVD

Published: 2024-06-10

Updated: 2025-07-30

Risk Information

CVSS v2

Base Score: 4.5

Vector: CVSS2#AV:L/AC:H/Au:S/C:N/I:P/A:C

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H

Severity: Medium

EPSS

EPSS: 0.00049