Bulletin Date: May 20, 2021
CVE Vulnerability Identifiers: CVE-2021-32457, CVE-2021-32458, CVE-2021-32459
Platform: Consumer Hardware Device
CVSSv3 Scores: 4.9 - 7.8
Severity Rating: Medium - High
Summary
Trend Micro has released a firmware update for the Trend Micro Home Network Security consumer devices which resolves multiple vulnerabilities related to an ioctl stack-based buffer overflow privilege escalation and a hard-coded log server password.
Affected versions
PRODUCT | AFFECTED VERSION | PLATFORM | LANGUAGE(S) |
---|---|---|---|
Home Network Security | 6.6.604 and earlier | Consumer Device | English, Japanese, Traditional Chinese |
Solution
PRODUCT | UPDATED VERSION | PLATFORM | LANGUAGE(S) |
---|---|---|---|
Home Network Security | 6.7.609 | Consumer Device | English, Japanese, Traditional Chinese |
Trend Micro has released an update via the product’s automatic firmware update mechanism to resolve this issue. Your Trend Micro Home Network Security device should receive the update automatically as long as your computer is connected to the Internet.
Vulnerability Details
CVE-2021-32457 and CVE-2021-32458: ioctl Stack-Based Buffer Overflow Privilege Escalation Vulnerability
CVSSv3: 7.8 - AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to ioctl stack-based buffer overflow vulnerabilities which could allow an attacker to issue a specially crafted ioctl request to escalate privileges on affected devices.
An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability.
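To illustrate the vulnerability class named above from the defender's side, the following is an added example and not code from the advisory or from the Trend Micro firmware. It models, in plain userland C, an ioctl handler that copies a caller-supplied payload into a fixed-size stack buffer: the unchecked pattern trusts the caller's length field, while the hardened pattern rejects any length the buffer cannot hold before the copy. The command number, request layout and all function names are assumptions made for the example; `model_copy_from_user` stands in for the kernel's `copy_from_user` so the model runs without a kernel.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed values for this model; not the affected product's ioctl numbers. */
#define HNS_MAX_NAME 32              /* size of the fixed stack buffer in the handler */
#define HNS_IOC_SET_NAME 0x4001u     /* hypothetical "set device name" command */

/* Hypothetical request structure handed to the ioctl handler. */
struct hns_ioc_req {
    uint32_t len;          /* caller-supplied payload length (untrusted) */
    const uint8_t *data;   /* caller-supplied payload (untrusted) */
};

/* Device state updated by a successful SET_NAME request. */
static char g_device_name[HNS_MAX_NAME] = "default";

/* Stand-in for copy_from_user(): a plain memcpy so the model runs in userland. */
static int model_copy_from_user(void *dst, const void *src, size_t n) {
    memcpy(dst, src, n);
    return 0;
}

/* Unchecked pattern (contrast only, never invoked by the example): the copy size
 * is taken straight from the request, so a len larger than HNS_MAX_NAME writes
 * past the end of the stack buffer. This is the defect class the advisory names. */
int hns_ioctl_unchecked(unsigned int cmd, const struct hns_ioc_req *req) {
    char name[HNS_MAX_NAME];
    if (cmd != HNS_IOC_SET_NAME)
        return -ENOTTY;
    if (model_copy_from_user(name, req->data, req->len))   /* no bound on req->len */
        return -EFAULT;
    name[HNS_MAX_NAME - 1] = '\0';
    strcpy(g_device_name, name);
    return 0;
}

/* Hardened pattern: validate the untrusted length against the destination
 * buffer before copying, leaving room for the terminator, and fail closed. */
int hns_ioctl_checked(unsigned int cmd, const struct hns_ioc_req *req) {
    char name[HNS_MAX_NAME];
    if (cmd != HNS_IOC_SET_NAME)
        return -ENOTTY;
    if (req->data == NULL || req->len == 0 || req->len >= sizeof(name))
        return -EINVAL;                                     /* bound check happens first */
    if (model_copy_from_user(name, req->data, req->len))
        return -EFAULT;
    name[req->len] = '\0';                                  /* req->len < sizeof(name), so in bounds */
    memcpy(g_device_name, name, req->len + 1);
    return 0;
}

/* Accessor so callers (and tests) can observe the device state. */
const char *hns_get_device_name(void) {
    return g_device_name;
}

int main(void) {
    /* Constructed sample requests: one well-formed, one oversized. */
    const uint8_t ok_payload[] = "lab-router";
    uint8_t big_payload[256];
    memset(big_payload, 'A', sizeof(big_payload));

    struct hns_ioc_req ok = { (uint32_t)(sizeof(ok_payload) - 1), ok_payload };
    struct hns_ioc_req big = { (uint32_t)sizeof(big_payload), big_payload };

    printf("valid request    -> %d, name=%s\n", hns_ioctl_checked(HNS_IOC_SET_NAME, &ok), hns_get_device_name());
    printf("oversized request-> %d, name=%s\n", hns_ioctl_checked(HNS_IOC_SET_NAME, &big), hns_get_device_name());
    printf("unknown command  -> %d\n", hns_ioctl_checked(0x9999u, &ok));
    return 0;
}
```

The practical check when reviewing an ioctl handler is the order of operations in `hns_ioctl_checked`: the length comparison against `sizeof(name)` must come before any copy, and the terminator index must be derived from a length already proven smaller than the buffer.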
CVE-2021-32459: Log Server Hard-coded Password Vulnerability
CVSSv3: 4.9 - AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Trend Micro Home Network Security version 6.6.604 and earlier contains a hard-coded password vulnerability in the log collection server which could allow an attacker to use a specially crafted network request to achieve arbitrary authentication.
An attacker must first obtain the ability to execute high-privileged code on the target device in order to exploit this vulnerability.
Trend Micro has received no reports and is not aware of any actual attacks against the affected product related to these vulnerabilities at this time.
Acknowledgement
Trend Micro would like to thank the following individuals for responsibly disclosing the issue and working with Trend Micro to help protect our customers:
- Carl Hurd and Kelly Leuschner of Cisco Talos
Additional Assistance
Customers who have questions are encouraged to contact Trend Micro Technical Support for further assistance.
Reference
- TALOS-2021-1230
- TALOS-2021-1231
- TALOS-2021-1241