Quote:Three security vulnerabilities have been found in Trend Micro’s Home Network Security systems, which can allow denial of service (DoS), privilege escalation, code execution and authentication bypass.
 
The Home Network Security Station is an all-in-one device that scans for vulnerabilities for connected devices, performs intrusion detection and allows consumers to control access settings for all devices on the network.
 
The bugs, discovered by Cisco Talos researchers, are two high-severity stack buffer overflows, both with CVSS scores of 7.8 out of 10 (CVE-2021-32457, CVE-2021-32458); and one hardcoded password issue, with a medium-severity CVSS score of 4.9 (CVE-2021-32459).

Quote:Vulnerable Trend Micro Home Network Security Stations version 6.1.567 and below are vulnerable to the bugs; the security vendor has released patches to address all three issues.