CVE-2022-28339 HIGH

CVE-2022-28339

Vendor Trend Micro, Inc.
Product Trend Micro HouseCall for Home Networks
Published February 22, 2025
Last update February 24, 2025

CVSS base score

7.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.

Key dates

02Disclosure timeline

February 22, 2025 CVE published
February 24, 2025 Record updated