CVE-2025-49216

Summary

An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Endpoint Encryption Policy Server6.0 < 6.0.0.4013affected

Weaknesses

  • CWE-477: CWE-477: Use of Obsolete Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References