exploitDog

GHSA-vmw3-xqx8-h247

Опубликовано: 17 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.

Ссылки

EPSS

Процентиль: 77%

0.01125

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-477

Связанные уязвимости

CVE-2025-49220

CVSS3: 9.8

nvd

2 месяца назад

An insecure deserialization operation in Trend Micro Apex Central below version 8.0.7007 could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49219 but is in a different method.

BDU:2025-08897

CVSS3: 9.8

fstec

9 месяцев назад

Уязвимость реализации метода ConvertFromJson средства мониторинга и управления безопасностью Trend Micro Apex Central, позволяющая нарушителю выполнить произвольный код в контексте NETWORK SERVICE

EPSS

Процентиль: 77%

0.01125

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-477