Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks Installer

Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks Installer

CVE-2021-28649 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Learn more about our Network Penetration Testing.