CVE-2025-49155 HIGH

CVE-2025-49155

Vendor Trend Micro, Inc.
Product Trend Micro Apex One
Weakness CWE-427
Published June 17, 2025
Last update June 17, 2025

CVSS base score

8.8/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations.

Key dates

02Disclosure timeline

June 17, 2025 CVE published
June 17, 2025 Record updated