6.6.604

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

trendmicro

NVD

Published: 2021-05-26

Updated: 2022-06-03

Summary

Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Home Network Security 6.1.567 Trendmicro Home Network Security 6.6.604	2

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1230
https://helpcenter.trendmicro.com/en-us/article/TMKA-10337