Vulnerabilities > CVE-2021-32458 - Out-of-bounds Write vulnerability in Trendmicro Home Network Security

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

trendmicro

CWE-787

NVD

Published: 2021-05-27

Updated: 2021-06-07

Summary

Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl which could lead to code execution on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Trendmicro Trendmicro Home Network Security *	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://talosintelligence.com/vulnerability_reports/TALOS-2021-1231
https://helpcenter.trendmicro.com/en-us/article/TMKA-10337