CVE-2025-69259

Published Jan 8, 2026

Last updated 5 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-69259 is a denial-of-service (DoS) vulnerability found in Trend Micro Apex Central (on-premise) installations. This flaw stems from an unchecked NULL return value during message handling within the software. Exploitation of this vulnerability allows a remote attacker to create a denial-of-service condition on affected systems, potentially causing Apex Central services to crash or become unresponsive. Importantly, successful exploitation does not require authentication. The vulnerability affects versions of Trend Micro Apex Central below Build 7190.

Description: A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability..
Source: security@trendmicro.com
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

security@trendmicro.com: CWE-120

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 6

References