Trend Micro home network security flaws could let hackers take over PCs
All-in-one home security device could allow code execution, DoS, and file permission changes
According to researchers at Cisco Talos, three security vulnerabilities in the product are labeled CVE-2021-32457, CVE-2021-32458, and CVE-2021-32459.
Trend Micro's Home Network Security Station is a device that plugs into a home router to prevent internet-connected devices from being hacked. Unfortunately, the bugs mean that the device itself can be hacked.
The first two flaws, CVE-2021-32457, CVE-2021-32458, lead to privilege escalation. The former bug exists in the tdts.ko chrdev_ioctl_handle functionality of the product. A specially crafted ioctl can lead to increased privileges. An attacker can issue an ioctl to trigger this vulnerability, causing a kernel panic leading to DoS and leveraging privilege escalation.
The latter flaw is caused by the lack of input validation on a user's ioctl request. The stack-based buffer is smaller than the maximum ioctl request copy size of 0x3FFF and thus overflows. A user can carefully craft input to gain control over a PC due to this copy.
The CVE-2021-32459 flaw is a hard-coded password vulnerability in the SFTP Log Collection Server function of Trend Micro Inc.'s Home Network Security 6.1.567. A specially crafted network request can lead to arbitrary authentication. An attacker can send an unauthenticated message to trigger this vulnerability.
From there, a hacker could create files, change permissions on files and upload arbitrary data to an SFTP server.
The secure cloud configuration imperative
The central role of cloud security posture managementDownload now
"The log server is utilized to dump all information that the device collects back to Trend Micro's infrastructure and can include identifiable information of the networks that the data originated from. The username and password are hard-coded in the core binary of the HNS device as diamond:bahV6AtJqZt4K. On the SFTP server, these credentials can be used to create files, change permissions on files and upload arbitrary data to the server. This could result in the loss of the logs if files are overwritten, or data exfiltration could occur if it is possible to download data," the advisory warned.
How to choose an AI vendor
Five key things to look for in an AI vendorDownload now
The UK 2020 Databerg report
Cloud adoption trends in the UK and recommendations for cloud migrationDownload now
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID worldDownload now
The impact of AWS in the UK
How AWS is powering Britain's fastest-growing companiesDownload now