NEW R2100 Series 5G Ruggedized Router — Built for the Roof of Vehicles and IoT Learn More

Discover Cradlepoint near you

We have dedicated teams in regions the world over. We’re here to answer your questions and connect you with the perfect Wireless WAN solution for your unique business needs.

North America
Latin America

For a full list of where our solutions are available, please visit our Availability Page.

CPSEC-496: Cradlepoint Secure Threat Management (CPSTM) Vulnerable to Trend Micro Network Security Vulnerabilities

2021-06-22 22:24:57


Cradlepoint Secure Threat Management (CPSTM) leverages Trend Micro’s Deep Packet Inspection (DPI) solution and is affected by publicly disclosed privilege escalation vulnerabilities. In order to be exploitable, CPSTM would have to be enabled on the endpoint and a threat actor would have to have already authenticated as an administrator in NCOS, thus already granting the privileges that exploitation of the vulnerabilities seeks to obtain.



Products Affected: Cradlepoint Enterprise, Branch and Mobile endpoints running 7.21.60 or earlier with CPSTM enabled

Recommendation: Regularly upgrade to the latest release of NCOS and ensure your Cradlepoint endpoint is physically secured.

NCOS Patched Version: 7.21.70+

Related CVEs: CVE-2021-32457, CVE-2021-32458, CVE-2021-32458