{"vulnerability": "CVE-2021-36742", "sightings": [{"uuid": "9aef00f0-5032-4e0a-9bb5-9a0c75f39602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:20.000000Z"}, {"uuid": "51a6bbea-019c-413b-8eb2-00349236b5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "06919da4-6e29-47ea-947d-fb80ac0d442f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2970907", "content": "", "creation_timestamp": "2024-12-24T20:21:34.144379Z"}, {"uuid": "1175d2b6-04b0-47e3-8fbf-2101c6c1ee4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "exploited", "source": "https://t.me/cKure/6595", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One as a Service products.\n\nThe security firm also reported that attackers already exploited at least two of the flaws (CVE-2021-32464, CVE-2021-32465, CVE-2021-36741, CVE-2021-36742) in attacks in the wild.", "creation_timestamp": "2021-08-13T05:19:44.000000Z"}, {"uuid": "7cc11820-9aa0-4d46-be1e-a3927f19d652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:56.000000Z"}, {"uuid": "5477b243-cbf9-4842-aa09-1b36c0a8a30f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-36742", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/9a1919c5-62df-4609-a453-949df0b0b3fb", "content": "", "creation_timestamp": "2026-02-02T12:29:05.441221Z"}, {"uuid": "9fce29d4-311b-4ffa-822d-a1f9d400716e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "https://t.me/arpsyndicate/952", "content": "#ExploitObserverAlert\n\nCVE-2021-36742\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-36742. A improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\nFIRST-EPSS: 0.001370000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-03T14:16:47.000000Z"}, {"uuid": "2edd3fad-0167-4c05-a330-7f60bf3fa4b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-36742\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2021-07-29T20:15:07.650\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://success.trendmicro.com/jp/solution/000287796\n2. https://success.trendmicro.com/jp/solution/000287815\n3. https://success.trendmicro.com/solution/000287819\n4. https://success.trendmicro.com/solution/000287820\n5. https://success.trendmicro.com/jp/solution/000287796\n6. https://success.trendmicro.com/jp/solution/000287815\n7. https://success.trendmicro.com/solution/000287819\n8. https://success.trendmicro.com/solution/000287820", "creation_timestamp": "2025-02-13T15:08:10.000000Z"}, {"uuid": "ab48d749-cec6-482f-aa26-ec27522914cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "seen", "source": "https://t.me/cibsecurity/26582", "content": "\u203c CVE-2021-36742 \u203c\n\nA improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-30T00:14:37.000000Z"}, {"uuid": "88b46a68-4341-499a-a304-32ea5e85a719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36742", "type": "exploited", "source": "https://t.me/true_secator/2002", "content": "\u200b\u200b\u042f\u043f\u043e\u043d\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a Trend Micro \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043d\u0430\u0447\u0430\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Zero-Day \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Apex One, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0441\u0435\u0442\u0438 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437. \u0423\u044f\u0437\u0432\u0438\u043c\u044b \u043a\u0430\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435, \u0442\u0430\u043a \u0438 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Apex One.\n\nCVE-2021-36741 \u0438 CVE-2021-36742 (\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438\u00a0 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439) \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u0432 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Apex One \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u0430 \u0441 \u0446\u0435\u043b\u044c\u044e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0433\u043e \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439.\n\n\u0412\u0441\u043f\u043e\u043c\u0438\u043d\u0430\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442 \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u0445\u0430\u043a\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435 Trend Micro OfficeScan \u0443 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u0438\u043a\u0438 Mitsubishi Electric \u0438 \u0443\u043a\u0440\u0430\u043b\u0438 \u043b\u0438\u0447\u043d\u0443\u044e \u0438 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u043e\u0442\u043d\u0435\u0441\u0442\u0438\u0441\u044c \u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c Trend Micro \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b  Apex One \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u041a\u043e\u043d\u0435\u0447\u043d\u043e, Trend Micro \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e\u0431 \u0443\u0436\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u0432\u0448\u0438\u0445\u0441\u044f \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u0445, \u0432\u0438\u0434\u0438\u0442\u0435 \u043b\u0438 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438, \u0438 \u0432\u0441\u0435 \u0434\u0435\u043b\u0430. \u041d\u043e, \u0432\u0430\u043d\u0433\u0443\u0435\u043c, \u0441\u043a\u043e\u0440\u043e \u0436\u0435\u0440\u0442\u0432\u044b \u043d\u0430\u0440\u0438\u0441\u0443\u044e\u0442\u0441\u044f.\n\n\u0410 \u043c\u044b \u043d\u0435 \u0436\u0434\u0451\u043c, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u0441\u044f.", "creation_timestamp": "2021-08-13T18:53:59.000000Z"}]}