Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-49155

An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations.

Published

2025-06-17T19:15:33.130

Last Modified

2025-09-09T15:24:13.320

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Secondary
CWE-427

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	trendmicro	apex_one	< 14.0.14492	Yes
Application	trendmicro	apex_one	< 14.0.0.14002	Yes

References

https://success.trendmicro.com/en-US/solution/KA-0019917 Vendor Advisory ([email protected])
https://www.zerodayinitiative.com/advisories/ZDI-25-362/ Third Party Advisory ([email protected])