Stack-based Buffer Overflow Vulnerability in Trend Micro Home Network Security
CVE-2021-32458

7.8HIGH

Key Information:

Vendor: Trend Micro
Status: Trend Micro Home Network Security
Vendor: CVE Published:; 27 May 2021

Summary

The vulnerability affects Trend Micro Home Network Security versions 6.6.604 and earlier, allowing for a stack-based buffer overflow due to improper handling of an iotcl command. By sending a specially crafted iotcl, an attacker with low-privileged code execution abilities on the target device can potentially execute arbitrary code, compromising the security of the device. Organizations utilizing affected versions of Trend Micro Home Network Security should prioritize updating to mitigate potential risks.

Affected Version(s)

Trend Micro Home Network Security 6.6.604 and below

References

https://helpcenter.trendmicro.com/en-us/article/TMKA-10337

x_refsource_MISC

https://talosintelligence.com/vulnerability_reports/TALOS...

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 27, 2021
Vulnerability Reserved
May 7, 2021