{"vulnerability": "CVE-2021-36741", "sightings": [{"uuid": "cfceb3c9-35f0-4d45-9ab2-77a313ef17b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:20.000000Z"}, {"uuid": "afcfc2cb-2147-42e9-bf64-27eb3b39f6c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "e8c0331d-127c-4208-83b7-79d20528cc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970906", "content": "", "creation_timestamp": "2024-12-24T20:21:33.344620Z"}, {"uuid": "acd35524-2939-4814-aec9-412d37085db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:56.000000Z"}, {"uuid": "e9898bf3-a333-4ba8-8f16-8900c0e44637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-36741", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/6d5c31ba-4a2f-43de-85e7-17de9d232470", "content": "", "creation_timestamp": "2026-02-02T12:29:05.546866Z"}, {"uuid": "1cae7515-5d3a-4862-96fa-c6c7b5cc03f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "exploited", "source": "https://t.me/cKure/6595", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One as a Service products.\n\nThe security firm also reported that attackers already exploited at least two of the flaws (CVE-2021-32464, CVE-2021-32465, CVE-2021-36741, CVE-2021-36742) in attacks in the wild.", "creation_timestamp": "2021-08-13T05:19:44.000000Z"}, {"uuid": "08c354fd-25ee-48a3-95aa-083ffe11a682", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "Telegram/833y449eBYtxA_iE9BGk9O55dyDJOHBLeLm32qPsho86vtnG", "content": "", "creation_timestamp": "2025-02-14T10:05:09.000000Z"}, {"uuid": "49cc92fa-463f-42f1-9b53-c663febd121a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "https://t.me/arpsyndicate/1294", "content": "#ExploitObserverAlert\n\nCVE-2021-36741\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2021-36741. An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product?s management console in order to exploit this vulnerability.\n\nFIRST-EPSS: 0.015970000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-04T20:14:38.000000Z"}, {"uuid": "5d881015-c32d-41c7-8e46-447e79a1372f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "exploited", "source": "https://t.me/true_secator/2002", "content": "\u200b\u200b\u042f\u043f\u043e\u043d\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a Trend Micro \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Zero-Day \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Apex One, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0441\u0435\u0442\u0438 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437. \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u043a\u0430\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435, \u0442\u0430\u043a \u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apex One.\n\nCVE-2021-36741 \u0438 CVE-2021-36742 (\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u00a0 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Apex One \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0412\u0441\u043f\u043e\u043c\u0438\u043d\u0430\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u0445\u0430\u043a\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Trend Micro OfficeScan \u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u0438\u043a\u0438 Mitsubishi Electric \u0438 \u0443\u043a\u0440\u0430\u043b\u0438 \u043b\u0438\u0447\u043d\u0443\u044e \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Trend Micro \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b  Apex One \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u043e, Trend Micro \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u0436\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u0432\u0448\u0438\u0445\u0441\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445, \u0432\u0438\u0434\u0438\u0442\u0435 \u043b\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0438 \u0432\u0441\u0435 \u0434\u0435\u043b\u0430. \u041d\u043e, \u0432\u0430\u043d\u0433\u0443\u0435\u043c, \u0441\u043a\u043e\u0440\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u043d\u0430\u0440\u0438\u0441\u0443\u044e\u0442\u0441\u044f.\n\n\u0410 \u043c\u044b \u043d\u0435 \u0436\u0434\u0451\u043c, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u0441\u044f.", "creation_timestamp": "2021-08-13T18:53:59.000000Z"}, {"uuid": "632bf8bf-ba82-4dec-aa90-0cb71d5c7724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36741", "type": "seen", "source": "https://t.me/cibsecurity/26581", "content": "\u203c CVE-2021-36741 \u203c\n\nAn improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product\u00e2\u20ac\u2122s management console in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-30T00:14:36.000000Z"}]}