ByteOS Network

NVD Vulnerability Details :

CVE-2025-49385

Analyzed

Source-security@trendmicro.com

Published At-17 Jun, 2025 | 21:15

Updated At-26 Aug, 2025 | 19:39

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary	3.1	7.1	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

CPE Matches

Trend Micro Incorporated

>>maximum_security_2022>>17.8

cpe:2.3:a:trendmicro:maximum_security_2022:17.8:*:*:*:*:*:*:*

Microsoft Corporation

>>windows>>-

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-64	Secondary	security@trendmicro.com

References

Hyperlink	Source	Resource
https://helpcenter.trendmicro.com/en-us/article/TMKA-18461	security@trendmicro.com	Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-25-380/	security@trendmicro.com	Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History