cvelistv5 - cve-2025-49216

CVE-2025-49216 (GCVE-0-2025-49216)

Vulnerability from cvelistv5 – Published: 2025-06-17 20:28 – Updated: 2025-06-18 14:05

Summary

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-477 - Use of Obsolete Function

Assigner

trendmicro

References

URL

Tags

	https://success.trendmicro.com/en-US/solution/KA-…
	https://www.zerodayinitiative.com/advisories/ZDI-…

Impacted products

	Vendor	Product	Version
	Trend Micro, Inc.	Trend Micro Endpoint Encryption Policy Server	Affected: 6.0 , < 6.0.0.4013 (semver) cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6::::::

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49216",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-18T14:04:03.506589Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-18T14:05:54.493Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:*"
          ],
          "product": "Trend Micro Endpoint Encryption Policy Server",
          "vendor": "Trend Micro, Inc.",
          "versions": [
            {
              "lessThan": "6.0.0.4013",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-477",
              "description": "CWE-477: Use of Obsolete Function",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-17T20:28:07.764Z",
        "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
        "shortName": "trendmicro"
      },
      "references": [
        {
          "url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-373/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
    "assignerShortName": "trendmicro",
    "cveId": "CVE-2025-49216",
    "datePublished": "2025-06-17T20:28:07.764Z",
    "dateReserved": "2025-06-03T18:11:27.259Z",
    "dateUpdated": "2025-06-18T14:05:54.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-49216\",\"sourceIdentifier\":\"security@trendmicro.com\",\"published\":\"2025-06-17T21:15:39.437\",\"lastModified\":\"2025-09-08T21:10:36.310\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Trend Micro Endpoint Encryption PolicyServer podr\u00eda permitir que un atacante acceda a m\u00e9todos clave como usuario administrador y modifique las configuraciones del producto en las instalaciones afectadas.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@trendmicro.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@trendmicro.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-477\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:trendmicro:trend_micro_endpoint_encryption:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.0.4013\",\"matchCriteriaId\":\"5216BF2B-BE1D-4763-A65D-73A008727BA6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://success.trendmicro.com/en-US/solution/KA-0019928\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.zerodayinitiative.com/advisories/ZDI-25-373/\",\"source\":\"security@trendmicro.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-49216\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-18T14:04:03.506589Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-18T14:04:08.262Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:trendmicro:endpoint_encryption_policy_server:6.0.0.4013:p1u6:*:*:*:*:*:*\"], \"vendor\": \"Trend Micro, Inc.\", \"product\": \"Trend Micro Endpoint Encryption Policy Server\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\", \"lessThan\": \"6.0.0.4013\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://success.trendmicro.com/en-US/solution/KA-0019928\"}, {\"url\": \"https://www.zerodayinitiative.com/advisories/ZDI-25-373/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"type\": \"CWE\", \"cweId\": \"CWE-477\", \"description\": \"CWE-477: Use of Obsolete Function\"}]}], \"providerMetadata\": {\"orgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"shortName\": \"trendmicro\", \"dateUpdated\": \"2025-06-17T20:28:07.764Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-49216\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-18T14:05:54.493Z\", \"dateReserved\": \"2025-06-03T18:11:27.259Z\", \"assignerOrgId\": \"7f7bd7df-cffe-4fdb-ab6d-859363b89272\", \"datePublished\": \"2025-06-17T20:28:07.764Z\", \"assignerShortName\": \"trendmicro\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-43V6-MQ3R-QMHX

Vulnerability from github – Published: 2025-06-17 21:32 – Updated: 2025-06-17 21:32

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-49216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-477"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-17T21:15:39Z",
    "severity": "CRITICAL"
  },
  "details": "An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.",
  "id": "GHSA-43v6-mq3r-qmhx",
  "modified": "2025-06-17T21:32:31Z",
  "published": "2025-06-17T21:32:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49216"
    },
    {
      "type": "WEB",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-373"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2025-AVI-0544

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Trend Micro. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une injection SQL (SQLi).

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Trend Micro	Worry-Free Business Security	Worry-Free Business Security Services versions antérieures à 6.7.3954 et 14.3.1299
Trend Micro	Apex One	Security agent pour Apex One as a Service versions antérieures à 14.0.14492
Trend Micro	Apex Central	Apex Central versions antérieures à CP B7007
Trend Micro	Apex Central	Apex Central as a Service sans le correctif de sécurité d'Avril 2025
Trend Micro	Apex One	Apex One versions antérieures à SP1 CP Build 14002
Trend Micro	Trend Micro Endpoint Encryption	Trend Micro Endpoint Encryption PolicyServer sans correctif de sécurité Patch 1 Update 6 (Version 6.0.0.4013)
Trend Micro	Worry-Free Business Security	Worry-Free Business Security versions antérieures à 10 SP1 Patch 2514

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0019936	2025-06-09	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019926	2025-06-10	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019928	2025-06-10	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019917	2025-06-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Worry-Free Business Security Services versions ant\u00e9rieures \u00e0 6.7.3954 et 14.3.1299",
      "product": {
        "name": "Worry-Free Business Security",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Security agent pour Apex One as a Service versions ant\u00e9rieures \u00e0 14.0.14492",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex Central versions ant\u00e9rieures \u00e0 CP B7007",
      "product": {
        "name": "Apex Central",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex Central as a Service sans le correctif de s\u00e9curit\u00e9 d\u0027Avril 2025",
      "product": {
        "name": "Apex Central",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One versions ant\u00e9rieures \u00e0 SP1 CP Build 14002",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Trend Micro Endpoint Encryption PolicyServer sans correctif de s\u00e9curit\u00e9 Patch 1 Update 6 (Version 6.0.0.4013)",
      "product": {
        "name": "Trend Micro Endpoint Encryption",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Worry-Free Business Security versions ant\u00e9rieures \u00e0 10 SP1 Patch 2514",
      "product": {
        "name": "Worry-Free Business Security",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-49220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49220"
    },
    {
      "name": "CVE-2025-49219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49219"
    },
    {
      "name": "CVE-2025-49156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49156"
    },
    {
      "name": "CVE-2025-49155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49155"
    },
    {
      "name": "CVE-2025-49215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49215"
    },
    {
      "name": "CVE-2025-49214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49214"
    },
    {
      "name": "CVE-2025-49212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49212"
    },
    {
      "name": "CVE-2025-49157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49157"
    },
    {
      "name": "CVE-2025-49487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49487"
    },
    {
      "name": "CVE-2025-49216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49216"
    },
    {
      "name": "CVE-2025-49217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49217"
    },
    {
      "name": "CVE-2025-49213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49213"
    },
    {
      "name": "CVE-2025-49158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49158"
    },
    {
      "name": "CVE-2025-49211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49211"
    },
    {
      "name": "CVE-2025-49154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49154"
    },
    {
      "name": "CVE-2025-49218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49218"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0544",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend Micro. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection SQL (SQLi).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": "2025-06-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019936",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019936"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019926",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019926"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019928",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
    },
    {
      "published_at": "2025-06-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019917",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019917"
    }
  ]
}

CERTFR-2025-AVI-0544

Vulnerability from certfr_avis - Published: - Updated:

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

Vendor	Product	Description
Trend Micro	Worry-Free Business Security	Worry-Free Business Security Services versions antérieures à 6.7.3954 et 14.3.1299
Trend Micro	Apex One	Security agent pour Apex One as a Service versions antérieures à 14.0.14492
Trend Micro	Apex Central	Apex Central versions antérieures à CP B7007
Trend Micro	Apex Central	Apex Central as a Service sans le correctif de sécurité d'Avril 2025
Trend Micro	Apex One	Apex One versions antérieures à SP1 CP Build 14002
Trend Micro	Trend Micro Endpoint Encryption	Trend Micro Endpoint Encryption PolicyServer sans correctif de sécurité Patch 1 Update 6 (Version 6.0.0.4013)
Trend Micro	Worry-Free Business Security	Worry-Free Business Security versions antérieures à 10 SP1 Patch 2514

References

Title

Publication Time

Tags

Bulletin de sécurité Trend Micro KA-0019936	2025-06-09	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019926	2025-06-10	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019928	2025-06-10	vendor-advisory
Bulletin de sécurité Trend Micro KA-0019917	2025-06-09	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Worry-Free Business Security Services versions ant\u00e9rieures \u00e0 6.7.3954 et 14.3.1299",
      "product": {
        "name": "Worry-Free Business Security",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Security agent pour Apex One as a Service versions ant\u00e9rieures \u00e0 14.0.14492",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex Central versions ant\u00e9rieures \u00e0 CP B7007",
      "product": {
        "name": "Apex Central",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex Central as a Service sans le correctif de s\u00e9curit\u00e9 d\u0027Avril 2025",
      "product": {
        "name": "Apex Central",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Apex One versions ant\u00e9rieures \u00e0 SP1 CP Build 14002",
      "product": {
        "name": "Apex One",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Trend Micro Endpoint Encryption PolicyServer sans correctif de s\u00e9curit\u00e9 Patch 1 Update 6 (Version 6.0.0.4013)",
      "product": {
        "name": "Trend Micro Endpoint Encryption",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    },
    {
      "description": "Worry-Free Business Security versions ant\u00e9rieures \u00e0 10 SP1 Patch 2514",
      "product": {
        "name": "Worry-Free Business Security",
        "vendor": {
          "name": "Trend Micro",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-49220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49220"
    },
    {
      "name": "CVE-2025-49219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49219"
    },
    {
      "name": "CVE-2025-49156",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49156"
    },
    {
      "name": "CVE-2025-49155",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49155"
    },
    {
      "name": "CVE-2025-49215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49215"
    },
    {
      "name": "CVE-2025-49214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49214"
    },
    {
      "name": "CVE-2025-49212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49212"
    },
    {
      "name": "CVE-2025-49157",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49157"
    },
    {
      "name": "CVE-2025-49487",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49487"
    },
    {
      "name": "CVE-2025-49216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49216"
    },
    {
      "name": "CVE-2025-49217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49217"
    },
    {
      "name": "CVE-2025-49213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49213"
    },
    {
      "name": "CVE-2025-49158",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49158"
    },
    {
      "name": "CVE-2025-49211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49211"
    },
    {
      "name": "CVE-2025-49154",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49154"
    },
    {
      "name": "CVE-2025-49218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-49218"
    }
  ],
  "links": [],
  "reference": "CERTFR-2025-AVI-0544",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-06-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection SQL (SQLi)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Trend Micro. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une injection SQL (SQLi).",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Trend Micro",
  "vendor_advisories": [
    {
      "published_at": "2025-06-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019936",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019936"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019926",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019926"
    },
    {
      "published_at": "2025-06-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019928",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
    },
    {
      "published_at": "2025-06-09",
      "title": "Bulletin de s\u00e9curit\u00e9 Trend Micro KA-0019917",
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019917"
    }
  ]
}

FKIE_CVE-2025-49216

Vulnerability from fkie_nvd - Published: 2025-06-17 21:15 - Updated: 2025-09-08 21:10

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@trendmicro.com	https://success.trendmicro.com/en-US/solution/KA-0019928	Vendor Advisory
	security@trendmicro.com	https://www.zerodayinitiative.com/advisories/ZDI-25-373/	Third Party Advisory

Impacted products

	Vendor	Product	Version
	trendmicro	trend_micro_endpoint_encryption	*
	microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:trendmicro:trend_micro_endpoint_encryption:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5216BF2B-BE1D-4763-A65D-73A008727BA6",
              "versionEndExcluding": "6.0.0.4013",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Trend Micro Endpoint Encryption PolicyServer podr\u00eda permitir que un atacante acceda a m\u00e9todos clave como usuario administrador y modifique las configuraciones del producto en las instalaciones afectadas."
    }
  ],
  "id": "CVE-2025-49216",
  "lastModified": "2025-09-08T21:10:36.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "security@trendmicro.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-17T21:15:39.437",
  "references": [
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://success.trendmicro.com/en-US/solution/KA-0019928"
    },
    {
      "source": "security@trendmicro.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-373/"
    }
  ],
  "sourceIdentifier": "security@trendmicro.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-477"
        }
      ],
      "source": "security@trendmicro.com",
      "type": "Secondary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-49216 (GCVE-0-2025-49216)

GHSA-43V6-MQ3R-QMHX

CERTFR-2025-AVI-0544

Solutions

CERTFR-2025-AVI-0544

Solutions

FKIE_CVE-2025-49216

Tags

Sightings

Nomenclature