Vulnerability in Trend Micro's "Smart Home Scanner" Windows version - JVN alerts

Possibility of gaining administrator privileges and executing arbitrary code. Fixed in latest version

Vulnerability in Trend Micro's "Smart Home Scanner" Windows version

Trend Micro

On September 29th, the vulnerability portal site "JVN" announced that there was a vulnerability (CVE-2021-32466) in Trend Micro's home network diagnostic tool "Smart Home Scanner" v5.3.1225 and earlier. A user who can log in to the "smart home scanner" can execute arbitrary code.

 According to Trend Micro, this vulnerability allows administrator privileges to be obtained by creating a file in a specific folder. The base value for CVSS 3.0 is 3.3.

This vulnerability has already been fixed in the latest version. Affected users are encouraged to download the installer from Trend Micro's website and update.