CVE-2025-30678

Summary

A Server-side Request Forgery (SSRF) vulnerability in Trend Micro Apex Central (on-premise) modTMSM component could allow an attacker to manipulate certain parameters leading to information disclosure on affected installations.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Apex Central8.0 < 8.0.6955affected

Weaknesses

  • CWE-918: CWE-918: SSRF

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References