Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Trendmicro Subscribe
Filtered by product Trend Micro Endpoint Encryption
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-49218 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 7.7 HIGH
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. This is similar to, but not identical to CVE-2025-49215. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
CVE-2025-49217 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 9.8 CRITICAL
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49213 but is in a different method.
CVE-2025-49216 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 9.8 CRITICAL
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.
CVE-2025-49215 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 8.8 HIGH
A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
CVE-2025-49214 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 8.8 HIGH
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code execution on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
CVE-2025-49213 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 9.8 CRITICAL
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49212 but is in a different method.
CVE-2025-49212 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 9.8 CRITICAL
An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code execution on affected installations. Note that this vulnerability is similar to CVE-2025-49220 but is in a different method.
CVE-2025-49211 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-09-08 N/A 7.7 HIGH
A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system to exploit this vulnerability.
CVE-2023-28005 2 Microsoft, Trendmicro 2 Windows, Trend Micro Endpoint Encryption 2025-05-05 N/A 6.8 MEDIUM
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the device. An attacker must first obtain physical access to the target system in order to exploit this vulnerability. It is also important to note that the contents of the drive(s) encrypted with TMEE FDE would still be protected and would NOT be accessible by the attacker by exploitation of this vulnerability alone.