Trend Micro Patches Vulnerabilities in Home Network Security Devices

Trend Micro Patches Vulnerabilities in Home Network Security Devices

Cisco Talos security researchers reported vulnerabilities in Trend Micro Home Network Security devices. Attackers could exploit the bugs to achieve arbitrary authentication and elevate privileges. 

The Home Network Security station is a monitoring and protection product that offers, among other features, vulnerability scanning, threat protection, intrusion prevention, and access control for devices. Trend Micro Home Network Security versions 6.6.604 and earlier are vulnerable to these attacks. 

Researchers report three security holes: two stack buffer overflows with CVSS scores of 7.8 (CVE-2021-32457 and CVE-2021-32458) and one hardcoded password issue, with a CVSS score of 4.9 (CVE-2021-32459):

TALOS-2021-1230 (CVE-2021-32457) and TALOS-2021-1231 (CVE-2021-32458) are elevation of privilege vulnerabilities that could allow an attacker to obtain elevate permissions on the targeted device. Another vulnerability, TALOS-2021-1241 (CVE-2021-32459), exists with a set of hardcoded credentials on the device an attacker could exploit to create files, change permissions on files, and upload arbitrary data to an SFTP server,” Cisco Talos described the three bugs.

The first two bugs are exploitable by causing ioctl stack-based buffer overflows. A threat actor could exploit by sending specially crafted ioctl requests. Both issues require that the attacker can execute low-privileged code on the device.

The hardcoded password vulnerability impacts the log collection server function of Trend Micro Home Network Security. An attacker can exploit this flaw by sending a specially crafted network request. Again, there’s a condition that an attacker has first to gain the ability to execute high-privileged code before exploiting the issue.

Trend Micro has seen no evidence that anyone exploited the bugs in the wild and not aware of “any actual attacks against the affected product related to this vulnerability at this time.”

Trend Micro has released firmware updates for the bugs. Users should receive them during automatic firmware updates.


About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.