← volver
CVE-2021-28649

CVE-2021-28649

EPSS 0.3%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
12 may 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
Productos afectados
Trend Micro · Trend Micro HouseCall for Home Networks

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://helpcenter.trendmicro.com/en-us/article/TMKA-10310https://www.zerodayinitiative.com/advisories/ZDI-21-474/