← back
CVE-2025-49155

CVE-2025-49155

CVSS 8.8 HIGHEPSS 0.8%CWE-427
An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Trend Micro, Inc. · Trend Micro Apex OneTrend Micro, Inc. · Trend Micro Apex One as a Service

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/en-US/solution/KA-0019917https://www.zerodayinitiative.com/advisories/ZDI-25-362/