High severity7.8NVD Advisory· Published Jun 17, 2025· Updated Jun 17, 2026
CVE-2025-49157
CVE-2025-49157
Description
A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Trend Micro, Inc./Trend Micro Apex Onev5cpe:2.3:a:trendmicro:apexone_op:14.0.0.14002:p3:*:*:*:*:*:*Range: 2019 (14.0)
- Trend Micro, Inc./Trend Micro Apex One as a Servicev5cpe:2.3:a:trendmicro:apexone_saas:14.0.0.14492:ga:*:*:*:*:*:*Range: SaaS
Patches
Vulnerability mechanics
References
2- success.trendmicro.com/en-US/solution/KA-0019917nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-25-364/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.