Cyber Resilience

CVE-2022-28339

Severity: High
Published: 22 February 2025
Modified: 29 July 2025
CISA KEV: not listed
CVSS v3.1 score: 7.3 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
EPSS score: 0.0027 (17.8th percentile)
Risk priority: 55 (floored blend, peak EPSS)

Summary

CVE-2022-28339 is a high-severity Uncontrolled Search Path Element (CWE-427) vulnerability in Trend Micro HouseCall for Home Networks. Its CVSS v3.1 base score is 7.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique DLL (T1574.001). EPSS ranks it at the 17.8th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and AC-6 (Least Privilege).

Deeper analysis

Trend Micro HouseCall for Home Networks version 5.3.1302 and below is affected by CVE-2022-28339, an uncontrolled search path element vulnerability (CWE-427). This flaw allows an attacker with low user privileges to create a malicious DLL, potentially leading to escalated privileges. The vulnerability has a CVSS v3.1 base score of 7.3 (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H), indicating high impact with local access required, low attack complexity, low privileges needed, and user interaction.

An attacker must have local access to the system and low user privileges to exploit this vulnerability. Exploitation requires user interaction, such as the victim running a specially crafted file or process that loads the attacker's malicious DLL because of the uncontrolled search path. Successful exploitation can result in high impacts to confidentiality, integrity, and availability, enabling the attacker to escalate privileges on the affected system.

For mitigation details, refer to the Trend Micro advisory at https://helpcenter.trendmicro.com/en-us/article/tmka-21734 and the Zero Day Initiative advisory at https://www.zerodayinitiative.com/advisories/ZDI-22-620/, which provide information on patches and remediation steps.

Vulnerability details

Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search path element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.

CWE(s): CWE-427 Uncontrolled Search Path Element

Related Threats

MITRE ATT&CK Enterprise Techniques

T1574.001 DLL (Stealth)
Adversaries may abuse dynamic-link library files (DLLs) in order to achieve persistence, escalate privileges, and evade defenses.

T1068 Exploitation for Privilege Escalation (Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

CWE-427 uncontrolled search path directly enables malicious DLL loading (T1574.002) for local privilege escalation (T1068).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0


Affected Assets

trendmicro / housecall for home networks, version ≤ 5.3.1308

Mitigating Controls (NIST 800-53 r5)

prevent (SI-2 Flaw Remediation): Requires timely identification, testing, and installation of software patches to remediate the specific uncontrolled search path vulnerability in CVE-2022-28339.

prevent: Enforces secure configuration settings such as safe DLL search mode to prevent loading of malicious DLLs from uncontrolled paths exploited in CVE-2022-28339.

prevent (AC-6 Least Privilege): Implements least privilege to restrict low-privilege attackers from achieving successful privilege escalation even if a malicious DLL is loaded via CVE-2022-28339.
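A defender-side configuration audit for the two preventive controls above, added here as an example and not part of this advisory or of Trend Micro's guidance. It reads the SafeDllSearchMode value from the Session Manager registry key and lists machine PATH directories that broad low-privilege groups can write to; the function name and the choice of groups checked are assumptions of this example.

```powershell
# Added example (not from the advisory): audit two host conditions that
# make a CWE-427 uncontrolled search path easier to abuse on Windows.
function Test-DllSearchPathExposure {
    [CmdletBinding()]
    param()

    $results = [ordered]@{}

    # 1. SafeDllSearchMode: with the value 1 (the default on supported
    #    Windows) the current directory is searched after the system
    #    directories; 0 moves it ahead of them and widens the window for
    #    a planted DLL. An absent value means the default (enabled).
    $smKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
    $mode = (Get-ItemProperty -Path $smKey -Name SafeDllSearchMode `
                -ErrorAction SilentlyContinue).SafeDllSearchMode
    if ($null -eq $mode) { $mode = 1 }
    $results.SafeDllSearchMode        = $mode
    $results.SafeDllSearchModeEnabled = ($mode -eq 1)

    # 2. Machine PATH entries writable by broad low-privilege groups. Such a
    #    directory lets any local user stage a DLL where a search-path-
    #    dependent load may pick it up; least privilege on the file system
    #    (AC-6) is what closes it. Well-known SIDs are assumptions here.
    $lowPrivSids = @('S-1-1-0', 'S-1-5-11', 'S-1-5-32-545')  # Everyone, Authenticated Users, Users
    $machinePath = [Environment]::GetEnvironmentVariable('Path', 'Machine')
    $dirs = $machinePath -split ';' | Where-Object { $_ -and (Test-Path -LiteralPath $_) }

    $writable = foreach ($dir in $dirs) {
        $acl = Get-Acl -LiteralPath $dir -ErrorAction SilentlyContinue
        if (-not $acl) { continue }
        foreach ($ace in $acl.Access) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            try {
                $sid = $ace.IdentityReference.Translate(
                    [System.Security.Principal.SecurityIdentifier]).Value
            } catch { continue }   # unresolvable identity, skip it
            # Named rights only; numeric generic-rights ACEs are not matched here.
            if ($lowPrivSids -contains $sid -and
                ($ace.FileSystemRights -match 'Write|Modify|FullControl')) {
                [pscustomobject]@{
                    Directory = $dir
                    Principal = $ace.IdentityReference.Value
                    Rights    = $ace.FileSystemRights
                }
            }
        }
    }
    $results.LowPrivWritablePathEntries = @($writable)
    [pscustomobject]$results
}

Test-DllSearchPathExposure | Format-List
```

Run it in an elevated session so Get-Acl can read every PATH directory; a result with SafeDllSearchModeEnabled set to False or any LowPrivWritablePathEntries is a finding for the configuration and least-privilege controls listed above.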
