- Description
- An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
- Source
- security@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.7
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H
- Severity
- HIGH
- security@trendmicro.com
- CWE-284
- Hype score
- Not currently trending
CVE-2025-49154 Local Memory-Mapped File Overwrite Vulnerability in Trend Micro Security Products https://t.co/sOdhoDMBSM
@VulmonFeeds
18 Jun 2025
107 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49154 An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-map… https://t.co/KuHUJt22pg
@CVEnew
17 Jun 2025
352 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
2025年6月9日、Trend MicroはApex Oneに存在する5件の重大な脆弱性(CVE-2025-49154~49158)に対し緊急パッチを公開した。 これらの脆弱性は、権限昇格やリモートコード実行、永続的なマルウェア注入などを可能にする
@yousukezan
12 Jun 2025
747 Impressions
1 Retweet
3 Likes
1 Bookmark
0 Replies
0 Quotes