exploitDog

CVE-2021-25247

Опубликовано: 27 янв. 2021

Источник: nvd

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability.

Ссылки

https://helpcenter.trendmicro.com/en-us/article/TMKA-10180
Vendor Advisory
https://helpcenter.trendmicro.com/en-us/article/TMKA-10180
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:trendmicro:housecall_for_home_networks:5.3.0.1063:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00088

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-427

Связанные уязвимости

GHSA-v5j3-vp2m-wg9g

github

больше 3 лет назад

A DLL hijacking vulnerability Trend Micro HouseCall for Home Networks version 5.3.1063 and below could allow an attacker to use a malicious DLL to escalate privileges and perform arbitrary code execution. An attacker must already have user privileges on the machine to exploit this vulnerability.

EPSS

Процентиль: 25%

0.00088

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-427