- Description
- An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.
- Source
- security@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@trendmicro.com
- CWE-477
- Hype score
- Not currently trending
⚠️ Vulnerabilidades corregidas en los productos de Trend Micro ❗CVE-2025-49219 ❗CVE-2025-49220 ❗CVE-2025-49212 ❗CVE-2025-49216 ➡️Más info: https://t.co/ZCzRsiTMQf https://t.co/NOhmrIJmlU
@CERTpy
20 Jun 2025
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-49219: CRITICAL] Vulnerability alert: Insecure deserialization in Trend Micro Apex Central <8.0.7007 allows remote code execution. Note: similar to CVE-2025-49220 but in a different method. #cybers...#cve,CVE-2025-49219,#cybersecurity https://t.co/z7ImbPOjlu https://
@CveFindCom
18 Jun 2025
499 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-49220: CRITICAL] Alert: Insecure deserialization in Trend Micro Apex Central <8.0.7007 may allow pre-auth RCE. Differs from CVE-2025-49219. Update to avoid risks. #cybersecurity#cve,CVE-2025-49220,#cybersecurity https://t.co/HPyK35wtt7 https://t.co/gbvLlhfToH
@CveFindCom
18 Jun 2025
487 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-49220 An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installa… https://t.co/3avJfLFOMi
@CVEnew
17 Jun 2025
373 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Warning: Two Critical Insecure Deserialization vulnerabilities in Trend Micro Apex Central can lead to Remote Code Execution #RCE. CVE-2025-49219 and CVE-2025-49220 (CVSS 9.8). Read our advisory https://t.co/OkemBKSynF and #patch #patch #patch
@CCBalert
16 Jun 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro patches 10 vulnerabilities in Apex Central & Endpoint Encryption, including critical RCE flaws CVE-2025-49219 & CVE-2025-49220 (CVSS 9.8). Timely patching essential to prevent potential exploits. 🔒 #CyberAlert #UK #Vulnerabilities https://t.co/nDxTbziEXH
@TweetThreatNews
13 Jun 2025
39 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
トレンドマイクロのApex Centralに重大(Critical)な脆弱性。CVE-2025-49220はCVSSスコア9.8。ConvertFromJsonメソッドの実装における検証不備に起因する信頼されないデータのデシリアライゼーションで、遠隔コード実行可能
@__kokumoto
12 Jun 2025
1998 Impressions
3 Retweets
10 Likes
4 Bookmarks
1 Reply
0 Quotes
🚨🚨🚨 『An insecure deserialization operation in Trend Micro Apex Central could lead to a pre-authentication remote code execution』 CVE-2025-49219, CVE-2025-49220 CRITICAL SECURITY BULLETIN: Trend Micro Apex Central (June 2025) https://t.co/nPjUDLG5YV
@autumn_good_35
12 Jun 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Apex Central has two critical pre-authentication RCE flaws (CVSS 9.8, CVE-2025-49219, CVE-2025-49220). Patch immediately to prevent remote takeover. #TrendMicro #Cybersecurity #RCE #Vulnerability #ApexCentral https://t.co/E3io6X7rcA
@the_yellow_fall
12 Jun 2025
543 Impressions
5 Retweets
5 Likes
2 Bookmarks
0 Replies
0 Quotes