Release Date: January 23, 2026
CVE Vulnerability Identifiers: CVE-2025-71218
Platform(s): Microsoft Windows
CVSS v3.1: : 5.0 (AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:H)
Severity Rating: Medium
Summary
Trend Micro has released a new version of Cleaner One Pro. The latest release addresses a symlink-based vulnerability that previously allowed local privilege escalation by ensuring the installer’s elevated logging mechanism no longer writes to attacker-controlled or redirected file paths.
Affected version(s)
| PRODUCT | AFFECTED VERSION(S) | PLATFORM | LANGUAGE(S) |
|---|---|---|---|
| Cleaner One Pro | 6.8.0.339 | Microsoft Windows | English |
Solution
Trend Micro has released an update that resolves the issue.
| PRODUCT | UPDATED VERSION(S) | PLATFORM | LANGUAGE(S) |
|---|---|---|---|
| Cleaner One Pro | 6.8.0.359 | Microsoft Windows | English |
Vulnerability Details
A low‑privileged user can exploit a symlink or TOCTOU (Time-of-Check Time-of-Use) vulnerability in Cleaner One Pro’s installation process to gain Administrator privileges by redirecting the installer’s elevated log‑writing operation to an arbitrary system file, enabling unauthorized file creation or overwrite with high integrity.
Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time.
Mitigating Factors
None identified. Customers are advised to ensure they always have the latest version of the program.
Acknowledgement
Trend Micro would like to thank Anonymous working with Trend Micro’s Zero Day Initiative (ZDI) for responsibly disclosing this issue and working with Trend Micro to help protect our customers.
Additional Assistance
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.