CVE-2025-49385

Summary

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

Affected Software

VendorProductVersion RangeStatus
Trend Micro, Inc.Trend Micro Internet Security (Consumer)17.8 < 17.8.1464affected

Weaknesses

  • CWE-64: CWE-64: Windows Shortcut Following

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References