DLL Hijack Vulnerability in Trend Micro HouseCall for Home Networks
CVE-2019-19689

7.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Housecall For Home Networks
Vendor: CVE Published:; 18 December 2019

Summary

The vulnerability allows attackers to exploit Trend Micro HouseCall for Home Networks prior to version 5.3.0.1063 through a DLL hijacking technique, leveraging a flaw in the packer utilized by the application. This exploitation can lead to unauthorized execution of malicious code, thereby compromising the security of the affected systems.

Affected Version(s)

Trend Micro HouseCall for Home Networks Below 5.3.0.1063

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-21674

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 18, 2019
Vulnerability Reserved
Dec 9, 2019