Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-49216

Summary
Assigner-trendmicro
Assigner Org ID-7f7bd7df-cffe-4fdb-ab6d-859363b89272
Published At-17 Jun, 2025 | 20:28
Updated At-18 Jun, 2025 | 14:05
Rejected At-
Credits

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:trendmicro
Assigner Org ID:7f7bd7df-cffe-4fdb-ab6d-859363b89272
Published At:17 Jun, 2025 | 20:28
Updated At:18 Jun, 2025 | 14:05
Rejected At:
▼CVE Numbering Authority (CNA)

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

Affected Products
Vendor
Trend Micro IncorporatedTrend Micro, Inc.
Product
Trend Micro Endpoint Encryption Policy Server
CPEs
  • cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:*
Versions
Affected
  • From 6.0 before 6.0.0.4013 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-477CWE-477: Use of Obsolete Function
Type: CWE
CWE ID: CWE-477
Description: CWE-477: Use of Obsolete Function
Metrics
VersionBase scoreBase severityVector
3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://success.trendmicro.com/en-US/solution/KA-0019928
N/A
https://www.zerodayinitiative.com/advisories/ZDI-25-373/
N/A
Hyperlink: https://success.trendmicro.com/en-US/solution/KA-0019928
Resource: N/A
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-25-373/
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security@trendmicro.com
Published At:17 Jun, 2025 | 21:15
Updated At:18 Jun, 2025 | 13:46

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-477Secondarysecurity@trendmicro.com
CWE ID: CWE-477
Type: Secondary
Source: security@trendmicro.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://success.trendmicro.com/en-US/solution/KA-0019928security@trendmicro.com
N/A
https://www.zerodayinitiative.com/advisories/ZDI-25-373/security@trendmicro.com
N/A
Hyperlink: https://success.trendmicro.com/en-US/solution/KA-0019928
Source: security@trendmicro.com
Resource: N/A
Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-25-373/
Source: security@trendmicro.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

13Records found
CVE-2025-49213
Matching Score-10
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-10
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 65.24%
||
7 Day CHG+0.03%
Published-17 Jun, 2025 | 20:27
Updated-18 Jun, 2025 | 14:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Endpoint Encryption Policy Server
CWE ID-CWE-477
Use of Obsolete Function
CVE-2025-49219
Matching Score-10
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-10
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.19% / 77.96%
||
7 Day CHG+0.06%
Published-17 Jun, 2025 | 17:43
Updated-18 Jun, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in Trend Micro Apex Central below versions 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Apex Central
CWE ID-CWE-477
Use of Obsolete Function
CVE-2025-49220
Matching Score-10
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-10
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.19% / 77.96%
||
7 Day CHG+0.06%
Published-17 Jun, 2025 | 17:43
Updated-18 Jun, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Apex Central
CWE ID-CWE-477
Use of Obsolete Function
CVE-2025-49217
Matching Score-10
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-10
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 57.96%
||
7 Day CHG+0.02%
Published-17 Jun, 2025 | 20:28
Updated-18 Jun, 2025 | 15:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Endpoint Encryption Policy Server
CWE ID-CWE-477
Use of Obsolete Function
CVE-2025-49212
Matching Score-10
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-10
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.51% / 65.24%
||
7 Day CHG+0.03%
Published-17 Jun, 2025 | 20:27
Updated-18 Jun, 2025 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Endpoint Encryption Policy Server
CWE ID-CWE-477
Use of Obsolete Function
CVE-2025-54987
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-9.4||CRITICAL
EPSS-0.47% / 63.59%
||
7 Day CHG~0.00%
Published-05 Aug, 2025 | 13:00
Updated-12 Aug, 2025 | 14:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex One
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2025-54948
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-9.4||CRITICAL
EPSS-18.49% / 94.99%
||
7 Day CHG~0.00%
Published-05 Aug, 2025 | 13:00
Updated-19 Aug, 2025 | 01:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-09-08||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-apex_oneTrend Micro Apex OneApex One
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-25143
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.34% / 84.23%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 22:19
Updated-05 Mar, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products.

Action-Not Available
Vendor-Trend Micro IncorporatedMicrosoft Corporation
Product-apex_onewindowsTrend Micro Apex One
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2023-32557
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-5.34% / 89.68%
||
7 Day CHG~0.00%
Published-26 Jun, 2023 | 21:57
Updated-04 Dec, 2024 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated attacker to upload an arbitrary file to the Management Server which could lead to remote code execution with system privileges.

Action-Not Available
Vendor-Microsoft CorporationTrend Micro Incorporated
Product-apex_onewindowsTrend Micro Apex Onetrend_micro_apex_one
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2024-48904
Matching Score-8
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-8
Assigner-Trend Micro, Inc.
CVSS Score-9.8||CRITICAL
EPSS-5.04% / 89.34%
||
7 Day CHG~0.00%
Published-22 Oct, 2024 | 18:28
Updated-31 Jul, 2025 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to execute arbitrary code on affected appliances. Please note: authentication is not required in order to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-cloud_edgeTrend Micro Cloud Edgecloud_edge
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2025-49214
Matching Score-6
Assigner-Trend Micro, Inc.
ShareView Details
Matching Score-6
Assigner-Trend Micro, Inc.
CVSS Score-8.8||HIGH
EPSS-0.34% / 56.21%
||
7 Day CHG+0.05%
Published-17 Jun, 2025 | 20:27
Updated-18 Jun, 2025 | 14:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.

Action-Not Available
Vendor-Trend Micro Incorporated
Product-Trend Micro Endpoint Encryption Policy Server
CWE ID-CWE-477
Use of Obsolete Function
CVE-2018-17890
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.8||CRITICAL
EPSS-0.73% / 71.85%
||
7 Day CHG~0.00%
Published-12 Oct, 2018 | 14:00
Updated-17 Sep, 2024 | 03:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution.

Action-Not Available
Vendor-NUUO Inc.
Product-nuuo_cmsNUUO CMS
CWE ID-CWE-477
Use of Obsolete Function
CVE-2023-23451
Matching Score-4
Assigner-SICK AG
ShareView Details
Matching Score-4
Assigner-SICK AG
CVSS Score-9.8||CRITICAL
EPSS-0.18% / 40.50%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN1 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN3S04 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK UE410-EN4 FLEXI ETHERNET GATEW. with serial number <=2311xxxx all Firmware versions, SICK FX0-GENT00000 FLEXISOFT EIP GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GMOD00000 FLEXISOFT MOD GATEW. with serial number <=2311xxxx with Firmware <=V2.11.0, SICK FX0-GPNT00000 FLEXISOFT PNET GATEW. with serial number <=2311xxxx with Firmware <=V2.12.0, SICK FX0-GENT00030 FLEXISOFT EIP GATEW.V2 with serial number <=2311xxxx all Firmware versions, SICK FX0-GPNT00030 FLEXISOFT PNET GATEW.V2 with serial number <=2311xxxx all Firmware versions and SICK FX0-GMOD00010 FLEXISOFT MOD GW with serial number <=2311xxxx with Firmware <=V2.11.0 all have Telnet enabled by factory default. No password is set in the default configuration.

Action-Not Available
Vendor-N/ASICK AG
Product-fx0-gmod00000ue410-en3s04_firmwareue410-en4ue410-en1fx0-gmod00010_firmwarefx0-gpnt00000ue410-en3s04ue410-en3fx0-gent00000_firmwarefx0-gpnt00030_firmwarefx0-gent00000ue410-en1_firmwarefx0-gpnt00000_firmwareue410-en4_firmwarefx0-gent00030fx0-gpnt00030fx0-gmod00010fx0-gent00030_firmwarefx0-gmod00000_firmwareue410-en3_firmwareSICK FX0-GENT00000, SICK FX0-GENT00030, SICK FX0-GMOD00000, SICK FX0-GMOD00010, SICK FX0-GPNT00000, SICK FX0-GPNT00030, SICK UE410-EN1, SICK UE410-EN3, SICK UE410-EN3S04, SICK UE410-EN4
CWE ID-CWE-477
Use of Obsolete Function
CWE ID-CWE-306
Missing Authentication for Critical Function
Details not found