High severity7.0NVD Advisory· Published Jun 17, 2025· Updated Jun 17, 2026
CVE-2025-49156
CVE-2025-49156
Description
A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Trend Micro, Inc./Trend Micro Apex Onev5cpe:2.3:a:trendmicro:apexone_op:14.0.0.14002:p3:*:*:*:*:*:*Range: 2019 (14.0)
- Trend Micro, Inc./Trend Micro Apex One as a Servicev5cpe:2.3:a:trendmicro:apexone_saas:14.0.0.14492:ga:*:*:*:*:*:*Range: SaaS
Patches
Vulnerability mechanics
References
2- success.trendmicro.com/en-US/solution/KA-0019917nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-25-363/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.