Trend Micro fixes 3 flaws in Home Network Security Devices

Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication.

Trend Micro fixed three vulnerabilities in Home Network Security devices that could be exploited to elevate privileges or achieve arbitrary authentication.

Once activated, the Home Network Security station scans all traffic passing in and out of your home network,
allowing it to prevent intrusions, block hacking attempts, and web threats as well as protect owner’s privacy.

The flaws addressed by the security firm were reported by experts from Cisco Talos.

“TALOS-2021-1230 (CVE-2021-32457) and TALOS-2021-1231 (CVE-2021-32458) are elevation of privilege vulnerabilities that could allow an attacker to obtain elevate permissions on the targeted device. Another vulnerability, TALOS-2021-1241 (CVE-2021-32459), exists with a set of hardcoded credentials on the device an attacker could exploit to create files, change permissions on files, and upload arbitrary data to an SFTP server.” reads the analysis published by Talos.

Both CVE-2021-32457 and CVE-2021-32458 are iotcl stack-based buffer overflow that could be exploited by attackers to escalate privilege. The flaws impact Trend Micro Home Network Security version 6.6.604 and earlier, they could be exploited by an attacker to issue a specially crafted iotcl to escalate privileges on vulnerable devices.
The flaw could be only triggered by attackers with the ability to execute low-privileged code on the target device. The flaw has been rated with a CVSS v3 score of 7.8.

The third flaw, tracked as CVE-2021-32459, is a Log Server hard-coded password vulnerability that impact Trend Micro Home Network Security version 6.6.604 and earlier. The flaw could be exploited by an attacker by using a specially crafted network request that will lead to arbitrary authentication.
the flaw could be only exploited by attackers that have the ability to execute high-privileged code on the target device.

Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to this vulnerability at this time. The flaw has been rated with a CVSS v3 score of 4.9.

“Trend Micro has released a firmware update for the Trend Micro Home Network Security consumer devices which multiple vulnerabilities related to iotcl stack-based buffer overflow privilege escalation and a hard-coded log server password.” reads the advisory published by Trend Micro.

Trend Micro is not aware of attacks in the wild exploiting the above vulnerabilities, the company has released version 6.1.567 to address the flaws.

Cisco Talos released SNORT rules to detect exploitation attempts against these vulnerabilities: 51719 – 57122.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Trend Micro Home Network Security)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.