Carl Hurd and Kelly Leuschner of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.

Cisco Talos recently discovered multiple vulnerabilities in Trend Micro’s Home Network Security Station.

The Home Network Security Station is a device that monitors and protects home networks from security threats and provides other network management features. The Security Station can scan for vulnerabilities, detect and prevent possible intrusions and allow the user to control access settings for all devices on the network. TALOS-2021-1230 (CVE-2021-32457) and TALOS-2021-1231 (CVE-2021-32458) are elevation of privilege vulnerabilities that could allow an attacker to elevate their permissions on the targeted device. Another vulnerability, TALOS-2021-1241 (CVE-2021-32459), exists within a set of hardcoded credentials on the device. An attacker could exploit these to create files, change permissions on files, and upload arbitrary data to an SFTP server.

Cisco Talos worked with Trend Micro to ensure that these issues are resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.

Users are encouraged to update these affected products as soon as possible: Trend Micro Inc. Home Network Security, version 6.1.567. Talos tested and confirmed these versions of the Security Station could be exploited by this vulnerability.

The following SNORTⓇ rules will detect exploitation attempts against this vulnerability: 51719 - 57122. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.