{"vulnerability": "CVE-2021-3246", "sightings": [{"uuid": "edd6eaec-1ef3-4ce4-b3f7-7d2fba217e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32464", "type": "exploited", "source": "https://t.me/cKure/6595", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One as a Service products.\n\nThe security firm also reported that attackers already exploited at least two of the flaws (CVE-2021-32464, CVE-2021-32465, CVE-2021-36741, CVE-2021-36742) in attacks in the wild.", "creation_timestamp": "2021-08-13T05:19:44.000000Z"}, {"uuid": "8d569aed-2d2d-4305-82cd-f89312c92d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32465", "type": "exploited", "source": "https://t.me/cKure/6595", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One as a Service products.\n\nThe security firm also reported that attackers already exploited at least two of the flaws (CVE-2021-32464, CVE-2021-32465, CVE-2021-36741, CVE-2021-36742) in attacks in the wild.", "creation_timestamp": "2021-08-13T05:19:44.000000Z"}, {"uuid": "b801dc7e-36d2-4c4a-ac77-9599a53ecedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32466", "type": "seen", "source": "https://t.me/cibsecurity/29621", "content": "\u203c CVE-2021-32466 \u203c\n\nAn uncontrolled search path element privilege escalation vulnerability in Trend Micro HouseCall for Home Networks version 5.3.1225 and below could allow an attacker to escalate privileges by placing a custom crafted file in a specific directory to load a malicious library. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T14:36:45.000000Z"}, {"uuid": "7634bf0a-b152-4c90-b9da-57963012d9ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32464", "type": "seen", "source": "https://t.me/cibsecurity/26853", "content": "\u203c CVE-2021-32464 \u203c\n\nAn incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T23:23:49.000000Z"}, {"uuid": "6041a4ed-bc58-4037-b270-45a024e14d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32465", "type": "seen", "source": "https://t.me/cibsecurity/26848", "content": "\u203c CVE-2021-32465 \u203c\n\nAn incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T23:23:44.000000Z"}, {"uuid": "800ae0e5-f11b-4db3-87ad-c36385b4ad6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32467", "type": "seen", "source": "https://t.me/cibsecurity/34625", "content": "\u203c CVE-2021-32467 \u203c\n\nMediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-26T02:22:22.000000Z"}, {"uuid": "1e813295-3c49-452b-82e2-526f3670c0c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32469", "type": "seen", "source": "https://t.me/cibsecurity/34611", "content": "\u203c CVE-2021-32469 \u203c\n\nMediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-26T02:22:01.000000Z"}, {"uuid": "c493a092-94ee-43b3-a8b7-ca509e96c60e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-32468", "type": "seen", "source": "https://t.me/cibsecurity/34609", "content": "\u203c CVE-2021-32468 \u203c\n\nMediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-26T02:22:00.000000Z"}]}