CRITICAL🇵🇱 Wersja polska

CVE-2025-49220

CVSS 9.8v3.1pub. 2025-06-17upd. 2025-09-08

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.

🤖 AI Analysis
How it works

The application deserializes data supplied by the attacker using an unsafe deserialization operation (CWE-502) without prior verification of the requester's identity. Submitting a properly crafted payload to the vulnerable endpoint allows control of the deserialization process and execution of malicious code in the application context. The vulnerability affects a different method than CVE-2025-49219, but belongs to the same class of errors.

Impact

An attacker without any privileges can remotely execute arbitrary code (RCE) on a server running Trend Micro Apex Central, which can consequently lead to complete system compromise, loss of confidentiality, integrity, and availability of data.

Mitigation & patch

Trend Micro Apex Central must be immediately updated to version 8.0.7007 or later in accordance with the vendor's recommendations published at https://success.trendmicro.com/en-US/solution/KA-0019926

Who is affected

Trend Micro Apex Central versions below 8.0.7007 installed on Microsoft Windows

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Windows

    OS
    Microsoft
    wszystkie wersje
  • Trendmicro Apex Central

    APP
    Trendmicro
    2019
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDeserialization
CWE
References

Related vulnerabilities

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2025-34028CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Commvault Command Center – nieuwierzytelniony RCE przez path traversal w ZIP

CVE-2024-7262CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Path Traversal w Kingsoft WPS Office — ładowanie dowolnej biblioteki Windows

CVE-2024-4577CRITICAL9.8⚠ KEVPL ✓ten sam produkt

PHP CGI argument injection – RCE na Windows przez mechanizm Best-Fit