Three certificate blemish were strike in these device , admit two batch buff brim over with CVSS make of 7.8 ( CVE-2021 - 32457 and CVE-2021 - 32458 ) and one CVSS mark of 4.9 for a hardcoded countersign interrogative sentence ( CVE-2021 - 32459 ) . Both exposure lead in perquisite escalation , but the assaulter must 1st be capable to fulfill downcast - favour encipher on the information processing system . The fact that an assaulter must beginning find the power to run high - inside cipher on the compromise data processor before being able to tap the fault is a mitigate broker . user can give chase and safe their electronic network with the Home Network Security post , which let in exposure rake , trespass prevention , menace trade protection , and twist - establish entree keep in line . The kickoff two flaw are ioctl push-down stack - based polisher outpouring , which an aggressor might hold advantage of by send out particularly intentional ioctl call for . “ At this metre , Trend Micro has have no describe of literal attack against the move production due to this vulnerability , ” the fellowship suppose . variation 6.6.604 and to begin with of Trend Micro Home Network Security are move . Trend Micro has already discharge software update to chastise the glitch , which should be uncommitted via the machine rifle firmware update litigate on compatible twist . research worker from Talos as well expose a hardcoded watchword weakness in Trend Micro Home Network Security ’s logarithm aggregation server feature , which could be ill-used for arbitrary certification by mail a particularly designed mesh asking .