CVE-2021-25247

7.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Housecall For Home Networks
Vendor: CVE Published:; 27 January 2021

Summary

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability.

Affected Version(s)

Trend Micro HouseCall for Home Networks 5.3.1063 and below

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-10180

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 27, 2021
Vulnerability Reserved
Jan 15, 2021