Tuesday 25 May 2021
The impact of this issue announcement is high. Please act accordingly to rectify the issue, as stated below.
What you need to know:
After acknowledging Talos Security Researchers on two stack buffer overflows (CVE-2021-32457 and CVE-2021-32458), and one hardcoded password issue (CVE-2021-32459), Trend Micro has released a firmware update to mitigate exploitation for elevated privileges or arbitrary authentication for its Home Network Security Devices.
Trend Micro Home Network Security Devices running on 6.6.604 and earlier.
Actions to be taken:
Trend Micro has already released firmware updates to address the flaws which should be received via automatic updates.