Описание
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.
EPSS
9.8 Critical
CVSS3
Дефекты
Связанные уязвимости
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.
Уязвимость реализации метода DeserializeFromBase64String сервера PolicyServer средства шифрования данных Trend Micro Endpoint Encryption (TMEE), позволяющая нарушителю выполнить произвольный код в контексте SYSTEM
EPSS
9.8 Critical
CVSS3