CVE-2025-47866 MEDIUM

CVE-2025-47866

Vendor Trend Micro, Inc.
Product Trend Micro Apex Central
Weakness CWE-475
Published June 17, 2025
Last update June 17, 2025

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.

Key dates

02Disclosure timeline

June 17, 2025 CVE published
June 17, 2025 Record updated