Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication.
Once activated, the Home Network Security station scans all traffic passing in and out of your home network,
allowing it to prevent intrusions, block hacking attempts, and web threats as well as protect owner’s privacy.
The flaws addressed by the security firm were reported by experts from Cisco Talos.
“TALOS-2021-1230 (CVE-2021-32457) and TALOS-2021-1231 (CVE-2021-32458) are elevation of privilege vulnerabilities that could allow an attacker to obtain elevate permissions on the targeted device. Another vulnerability, TALOS-2021-1241 (CVE-2021-32459), exists with a set of hardcoded credentials on the device an attacker could exploit to create files, change permissions on files, and upload arbitrary data to an SFTP server.” reads the analysis published by Talos.
Both CVE-2021-32457 and CVE-2021-32458 are iotcl stack-based buffer overflow that could be exploited by attackers to escalate privilege. The flaws impact Trend Micro Home Network Security version 6.6.604 and earlier, they could be exploited by an attacker to issue a specially crafted iotcl to escalate privileges on vulnerable devices.
The flaw could be only triggered by attackers with the ability to execute low-privileged code on the target device. The flaw has been rated with a CVSS v3 score of 7.8.
The third flaw, tracked as CVE-2021-32459, is a Log Server hard-coded password vulnerability that impact Trend Micro Home Network Security version 6.6.604 and earlier. The flaw could be exploited by an attacker by using a specially crafted network request that will lead to arbitrary authentication.
the flaw could be only exploited by attackers that have the ability to execute high-privileged code on the target device.
Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time. The flaw has been rated with a CVSS v3 score of 4.9.
“Trend Micro has released a firmware update for the Trend Micro Home Network Security consumer devices which multiple vulnerabilities related to iotcl stack-based buffer overflow privilege escalation and a hard-coded log server password.” reads the advisory published by Trend Micro.
Trend Micro is not aware of attacks in the wild exploiting the above vulnerabilities, the company has released version 6.1.567 to address the flaws.
Cisco Talos released SNORT rules to detect exploitation attempts against these vulnerabilities: 51719 – 57122.
(SecurityAffairs – hacking, Trend Micro Home Network Security)