Views:

Release Date: December 18, 2019

CVE Vulnerability Identifiers: CVE-2019-19688 and CVE-2019-19689

Platform: Windows

CVSS 3.1 Scores: 6.7

Severity Ratings: Medium


Summary

Trend Micro has released a new build of Trend Micro HouseCall™ for Home Networks on Windows that resolves privilege escalation and a DLL Hijack vulnerabilies.

Affected Versions

ProductAffected VersionsPlatformLanguage
HouseCall™ for Home Networks Versions below 5.3.0.1063 Windows English

Solution

Trend Micro has released a new build of the tool to resolve this issue:

ProductUpdated VersionPlatformLanguage
HouseCall™ for Home Networks 5.3.0.1063 Windows English


Trend Micro recommends that customers always ensure they have the latest version of the HouseCall™ for Home Networks tool before running a scan to ensure the latest protection. The latest version can be downloaded from here.

Vulnerability Details

The latest version resolves two (2) vulnerabilities found in Trend Micro HouseCall™ for Home Networks on Windows:

  1. CVE-2019-19688: A privilege escalation vulnerability could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges.
  2. CVE-2019-19689: DLL Hijack related to a vulnerability on the packer that the program uses.

Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to these vulnerabilities at this time.

Acknowledgement

Trend Micro would like to thank the following individual for responsibly disclosing the issue and working with Trend Micro to help protect our customers:

  • Eran Shimony of CyberArk Labs Team
Add a comment
Home Support

Security Bulletin: Trend Micro HouseCall for Home Networks Privilege Escalation and DLL Hijacking Vulnerabilities

Release Date: December 18, 2019

CVE Vulnerability Identifiers: CVE-2019-19688 and CVE-2019-19689

Platform: Windows

CVSS 3.1 Scores: 6.7

Severity Ratings: Medium


Summary

Trend Micro has released a new build of Trend Micro HouseCall™ for Home Networks on Windows that resolves privilege escalation and a DLL Hijack vulnerabilies.

Affected Versions

ProductAffected VersionsPlatformLanguage
HouseCall™ for Home Networks Versions below 5.3.0.1063 Windows English

Solution

Trend Micro has released a new build of the tool to resolve this issue:

ProductUpdated VersionPlatformLanguage
HouseCall™ for Home Networks 5.3.0.1063 Windows English


Trend Micro recommends that customers always ensure they have the latest version of the HouseCall™ for Home Networks tool before running a scan to ensure the latest protection. The latest version can be downloaded from here.

Vulnerability Details

The latest version resolves two (2) vulnerabilities found in Trend Micro HouseCall™ for Home Networks on Windows:

  1. CVE-2019-19688: A privilege escalation vulnerability could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges.
  2. CVE-2019-19689: DLL Hijack related to a vulnerability on the packer that the program uses.

Trend Micro has received no reports nor is aware of any actual attacks against the affected product related to these vulnerabilities at this time.

Acknowledgement

Trend Micro would like to thank the following individual for responsibly disclosing the issue and working with Trend Micro to help protect our customers:

  • Eran Shimony of CyberArk Labs Team

Was this helpful?

  • It wasn't helpful at all.
  • It was not helpful.
  • Just okay.
  • It was helpful.
  • It was very helpful.
Messenger Icon
Ask Vanessa

Get in touch with our Social Media ambassador and she'll answer your question or issue.

Hi there!  👋

How can we help you today? Click the button below to start chatting with support.

Product Image
Close
Trend Micro Support

Our Support Representative will be with you shortly.

Product Image

Trend Micro Support

Usually replies in a few minutes.

Before we start, kindly fill up the details below:

Please see our privacy policy for more information on how we use your data.