Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability (CVE-2025-27529)
This vulnerability (CVE-2025-27529) allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro.
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Additionally, the vulnerability is triggered only when an administrator performs an install of the product.
The specific flaw exists within the product installer. By creating a symbolic link, an attacker can abuse the installer to create arbitrary files.
An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.