VYPR
High severity7.8NVD Advisory· Published Jun 17, 2025· Updated Jun 17, 2026

CVE-2025-49157

CVE-2025-49157

Description

A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Trend Micro, Inc./Trend Micro Apex Onev5
    cpe:2.3:a:trendmicro:apexone_op:14.0.0.14002:p3:*:*:*:*:*:*
    Range: 2019 (14.0)
  • Trend Micro, Inc./Trend Micro Apex One as a Servicev5
    cpe:2.3:a:trendmicro:apexone_saas:14.0.0.14492:ga:*:*:*:*:*:*
    Range: SaaS

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.