CVE-2025-30678 (GCVE-0-2025-30678)
Vulnerability from
Published
2025-06-17 19:56
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - SSRF
Summary
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Apex Central |
Version: 8.0 ≤ cpe:2.3:a:trendmicro:apex_central:6955:*:*:en:*:windows_10:x86_64:1809 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:19:54.649915Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:57.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:apex_central:6955:*:*:en:*:windows_10:x86_64:1809"
],
"product": "Trend Micro Apex Central",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "8.0.6955",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: SSRF",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:56:01.476Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019355"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-236/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30678",
"datePublished": "2025-06-17T19:56:01.476Z",
"dateReserved": "2025-03-25T17:52:24.546Z",
"dateUpdated": "2025-06-20T13:12:57.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30679 (GCVE-0-2025-30679)
Vulnerability from
Published
2025-06-17 19:56
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - SSRF
Summary
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Apex Central |
Version: 8.0 ≤ cpe:2.3:a:trendmicro:apex_central:6955:*:*:en:*:windows_10:x86_64:1809 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:19:52.442400Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:51.981Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:apex_central:6955:*:*:en:*:windows_10:x86_64:1809"
],
"product": "Trend Micro Apex Central",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "8.0.6955",
"status": "affected",
"version": "8.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modOSCE component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: SSRF",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:56:11.050Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019355"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-237/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30679",
"datePublished": "2025-06-17T19:56:11.050Z",
"dateReserved": "2025-03-25T17:52:24.546Z",
"dateUpdated": "2025-06-20T13:12:51.981Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30680 (GCVE-0-2025-30680)
Vulnerability from
Published
2025-06-17 19:56
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-918 - SSRF
Summary
A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.
Please note: this vulnerability only affects the SaaS instance of Apex Central - customers that automatically apply Trend Micro's monthly maintenance releases to the SaaS instance do not have to take any further action.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Apex Central |
Version: SaaS ≤ cpe:2.3:a:trendmicro:apex_central:SaaS:*:*:en:*:windows_10:x86_64:1809 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30680",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:19:50.267446Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:46.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:apex_central:SaaS:*:*:en:*:windows_10:x86_64:1809"
],
"product": "Trend Micro Apex Central",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "8.0.6955",
"status": "affected",
"version": "SaaS",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (SaaS) could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations. \r\n\r\nPlease note: this vulnerability only affects the SaaS instance of Apex Central - customers that automatically apply Trend Micro\u0027s monthly maintenance releases to the SaaS instance do not have to take any further action."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: SSRF",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T19:56:23.405Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019355"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-238/"
}
],
"tags": [
"exclusively-hosted-service"
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30680",
"datePublished": "2025-06-17T19:56:23.405Z",
"dateReserved": "2025-03-25T17:52:24.546Z",
"dateUpdated": "2025-06-20T13:12:46.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30640 (GCVE-0-2025-30640)
Vulnerability from
Published
2025-06-17 20:10
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-59 - Improper Link Resolution Before File Access
Summary
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Deep Security |
Version: 20 ≤ cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30640",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:44:42.494000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:39.593Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:*"
],
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.1-25770",
"status": "affected",
"version": "20",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:10:21.752Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019344"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-239/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30640",
"datePublished": "2025-06-17T20:10:21.752Z",
"dateReserved": "2025-03-24T18:39:10.814Z",
"dateUpdated": "2025-06-20T13:12:39.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30641 (GCVE-0-2025-30641)
Vulnerability from
Published
2025-06-17 20:10
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-59 - Improper Link Resolution Before File Access
Summary
A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Deep Security |
Version: 20 ≤ cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30641",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:44:40.048042Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:33.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:*"
],
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.1-25770",
"status": "affected",
"version": "20",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:10:54.478Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019344"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-240/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30641",
"datePublished": "2025-06-17T20:10:54.478Z",
"dateReserved": "2025-03-24T18:39:10.814Z",
"dateUpdated": "2025-06-20T13:12:33.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-30642 (GCVE-0-2025-30642)
Vulnerability from
Published
2025-06-17 20:11
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-59 - Improper Link Resolution Before File Access
Summary
A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Deep Security |
Version: 20 ≤ cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-30642",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:19:47.867850Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:28.114Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:deep_security_agent:20.0.1-25770:long_term_support:*:*:*:*:*:*"
],
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.1-25770",
"status": "affected",
"version": "20",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to create a denial of service (DoS) situation on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:11:03.855Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019344"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-241/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-30642",
"datePublished": "2025-06-17T20:11:03.855Z",
"dateReserved": "2025-03-24T18:39:10.814Z",
"dateUpdated": "2025-06-20T13:12:28.114Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49211 (GCVE-0-2025-49211)
Vulnerability from
Published
2025-06-17 20:16
Modified
2025-06-20 13:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - SQL Injection
Summary
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Endpoint Encryption Policy Server |
Version: 6.0 ≤ cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49211",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T14:19:45.495355Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:12:22.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:*"
],
"product": "Trend Micro Endpoint Encryption Policy Server",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "6.0.0.4013",
"status": "affected",
"version": "6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. \r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: SQL Injection",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:16:38.307Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-368/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-49211",
"datePublished": "2025-06-17T20:16:38.307Z",
"dateReserved": "2025-06-03T18:11:27.258Z",
"dateUpdated": "2025-06-20T13:12:22.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-24916 (GCVE-0-2024-24916)
Vulnerability from
Published
2025-06-19 13:17
Modified
2025-06-20 13:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-427 - The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Summary
Untrusted DLLs in the installer's directory may be loaded and executed, leading to potentially arbitrary code execution with the installer's privileges (admin).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| checkpoint | Check Point SmartConsole |
Version: Check Point SmartConsole versions R81.10, R81.20 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24916",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-20T13:06:34.598794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "CWE-427 Uncontrolled Search Path Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-20T13:11:11.641Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Check Point SmartConsole",
"vendor": "checkpoint",
"versions": [
{
"status": "affected",
"version": "Check Point SmartConsole versions R81.10, R81.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Untrusted DLLs in the installer\u0027s directory may be loaded and executed, leading to potentially arbitrary code execution with the installer\u0027s privileges (admin)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-427",
"description": "The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-19T13:17:39.651Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"url": "https://support.checkpoint.com/results/sk/sk183342"
}
],
"title": "DLL-HiJacking"
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2024-24916",
"datePublished": "2025-06-19T13:17:39.651Z",
"dateReserved": "2024-02-01T15:19:26.278Z",
"dateUpdated": "2025-06-20T13:11:11.641Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49217 (GCVE-0-2025-49217)
Vulnerability from
Published
2025-06-17 20:28
Modified
2025-06-18 15:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-477 - Use of Obsolete Function
Summary
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Endpoint Encryption Policy Server |
Version: 6.0 ≤ cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49217",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T15:51:14.698629Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T15:53:47.899Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:*"
],
"product": "Trend Micro Endpoint Encryption Policy Server",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "6.0.0.4013",
"status": "affected",
"version": "6.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-477",
"description": "CWE-477: Use of Obsolete Function",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:28:14.897Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-374/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-49217",
"datePublished": "2025-06-17T20:28:14.897Z",
"dateReserved": "2025-06-03T18:11:27.260Z",
"dateUpdated": "2025-06-18T15:53:47.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-49384 (GCVE-0-2025-49384)
Vulnerability from
Published
2025-06-17 20:40
Modified
2025-06-18 15:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-64 - Windows Shortcut Following
Summary
Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Trend Micro, Inc. | Trend Micro Internet Security (Consumer) |
Version: 17.8 ≤ cpe:2.3:a:trendmicro:maximum_security_2022:17.8:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49384",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-18T15:41:51.498164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-18T15:42:37.957Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:maximum_security_2022:17.8:*:*:*:*:*:*:*"
],
"product": "Trend Micro Internet Security (Consumer)",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "17.8.1464",
"status": "affected",
"version": "17.8",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-64",
"description": "CWE-64: Windows Shortcut Following",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T20:40:21.350Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-11112"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2025-49384",
"datePublished": "2025-06-17T20:40:21.350Z",
"dateReserved": "2025-06-04T14:20:26.485Z",
"dateUpdated": "2025-06-18T15:42:37.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
displaying 321 - 330 organizations in total 1855