Release Date: June 15, 2022
Trend Micro Vulnerability Identifier: CVE-2022-33158
Platform(s): Microsoft Windows
Severity Rating: 7.8
Trend Micro has released a new version of Trend Micro VPN Proxy One Pro (consumer) that resolves an incorrect permission assignment local privilege escalation vulnerability.
|VPN Proxy One Pro||Version 5.2.1026||Microsoft Windows||English|
Trend Micro has released a version to resolve this issue:
|VPN Proxy One Pro||Version 5.3.1056||Microsoft Windows||English|
Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly permissive folders in a key directory which could allow a local attacker to obtain privilege escalation on an affected system.
Trend Micro has received no reports nor is aware of any actual attacks against the affected products related to this vulnerability at this time.
None identified. Customers are advised to ensure they always have the latest version of the program.
Trend Micro would like to thank the following individual for responsibly disclosing the issue and working with Trend Micro to help protect our customers:
- Hashim Jawad (@ihack4falafel) with Trend Micro Zero Day Initiative.
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.