
CVE-2025-49218 – Trend Micro Endpoint Encryption ProcessWhereClause SQL Injection Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-49218
11 Jun 2025 — A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to, CVE-2025-49215. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication... • https://success.trendmicro.com/en-US/solution/KA-0019928 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2025-49219 – Trend Micro Apex Central GetReportDetailView Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-49219
11 Jun 2025 — An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the GetRep... • https://success.trendmicro.com/en-US/solution/KA-0019926 • CWE-477: Use of Obsolete Function •

CVE-2025-49220 – Trend Micro Apex Central ConvertFromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-49220
11 Jun 2025 — An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the Convert... • https://success.trendmicro.com/en-US/solution/KA-0019926 • CWE-477: Use of Obsolete Function •

CVE-2025-49487 – Trend Micro Worry-Free Business Security Uncontrolled Search Path Element Arbitrary Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-49487
11 Jun 2025 — An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker with physical access to a machine to execute arbitrary code on affected installations. An attacker must have had physical access to the target system in order to exploit this vulnerability due to the need to access a certain hardware component. Also note: this vulnerability affected only the SaaS client version of WFBSS, meaning the on-premise version of Worry-Free... • https://success.trendmicro.com/en-US/solution/KA-0019936 • CWE-427: Uncontrolled Search Path Element •

CVE-2025-48443 – Trend Micro Password Manager Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-48443
11 Jun 2025 — Trend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation Vulnerability that could allow a local attacker to leverage this vulnerability to delete files in the context of an administrator when the administrator installs Trend Micro Password Manager. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Password Manager. An attacker must first obtain the ability to execute low-privilege... • https://helpcenter.trendmicro.com/en-us/article/TMKA-12917 • CWE-64: Windows Shortcut Following (.LNK) •

CVE-2025-47865 – Trend Micro Apex Central widget getObjWGFServiceApiByApiName Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-47865
21 May 2025 — A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getObjWGFServiceApiByApiName function. The issue results from the lack of proper validation of user-supplied data pr... • https://success.trendmicro.com/en-US/solution/KA-0019355 • CWE-475: Undefined Behavior for Input to API •

CVE-2025-47866 – Trend Micro Apex Central modTMCM Unrestricted File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2025-47866
21 May 2025 — An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations. This vulnerability allows remote attackers to upload arbitrary files on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the modTMCM webapp widget. The issue results from the lack of proper validation of user-supplied data, which can allow ... • https://success.trendmicro.com/en-US/solution/KA-0019355 • CWE-475: Undefined Behavior for Input to API •

CVE-2025-47867 – Trend Micro Apex Central widget getBlock Local File Inclusion Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-47867
21 May 2025 — A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbitrary files to execute as PHP code and lead to remote code execution on affected installations. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getBlock function. The issue results from the lack of prop... • https://success.trendmicro.com/en-US/solution/KA-0019355 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVE-2025-30640 – Trend Micro Deep Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-30640
09 Apr 2025 — A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security. An attacker must first obtain the ability to execute low-privileged code on the target system... • https://success.trendmicro.com/en-US/solution/KA-0019344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-30641 – Trend Micro Deep Security Anti-Malware Solution Platform Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2025-30641
09 Apr 2025 — A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Deep Security Agent. An attacker must first obtain the ability to execu... • https://success.trendmicro.com/en-US/solution/KA-0019344 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •