An incorrect permission vulnerability in the product installer for Trend Micro HouseCall for Home Networks version 5.3.1179 and below could allow an attacker to escalate privileges by placing arbitrary code on a specified folder and have that code be executed by an Administrator who is running a scan. Please note that an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
References
Link | Resource |
---|---|
https://helpcenter.trendmicro.com/en-us/article/TMKA-10310 | Vendor Advisory |
https://www.zerodayinitiative.com/advisories/ZDI-21-474/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trendmicro
Published: 2021-05-12T14:57:41
Updated: 2021-05-12T14:57:41
Reserved: 2021-03-16T00:00:00
Link: CVE-2021-28649
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-12T15:15:07.640
Modified: 2021-05-21T18:31:27.327
Link: CVE-2021-28649
JSON object: View
Redhat Information
No data.
CWE