- Description
- An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
- Source
- security@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@trendmicro.com
- CWE-477
- Hype score
- Not currently trending
[CVE-2025-49214: HIGH] Vulnerability in Trend Micro Endpoint Encryption PolicyServer allows post-auth remote code exec. Attackers need prior access to low-privileged code on affected systems.#cve,CVE-2025-49214,#cybersecurity https://t.co/KOGOCigItY https://t.co/ir1oticzRW
@CveFindCom
18 Jun 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-49214 An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected instal… https://t.co/qdsgCisIvj
@CVEnew
17 Jun 2025
399 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes