PT-2021-3450 · Trend Micro · Trend Micro Housecall For Home Networks

Xavier Danest · Published 2021-04-22 · Updated 2021-05-21 · CVE-2021-28649

CVSS v3.1: 7.3 (High)

Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Trend Micro HouseCall for Home Networks versions 5.3.1179 and below

Description: The issue is related to incorrect permission assignment, which could allow an attacker to escalate privileges. This can be achieved by placing arbitrary code in a specified folder, and having that code executed by an Administrator running a scan. The attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Recommendations: For versions 5.3.1179 and below, update to a version above 5.3.1179 to resolve the issue. As a temporary workaround, consider restricting access to the specified folder where arbitrary code can be placed to minimize the risk of exploitation.

Fix

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

BDU:2021-03310
CVE-2021-28649
ZDI-21-474

Affected Products

Trend Micro Housecall For Home Networks