- Trendmicro -flaps more deficiencies with high and critical difficulty
- The problems were found in Apex Central and Endpoint -The Encryption Police Server
- There are no solutions or molds
Trend Micro has directed a handful of vulnerabilities to critical difficulty, as it recently discovered in a few tools at the company level.
In Security Counseling, the company said it fixed six remote code execution and authentication compass -vulnerability in Apex Central and Endpoint Encryption (TMEE) policy verbs -Products.
Apex Central is a web -based centralized management console designed for it and security teams in the middle of the size of corporate organizations using Trend Micro’s security products across final points, servers, e -mail and networks. Endpoint encryption policy server, on the other hand, is a central management server used to manage encryption policies across devices. Users can handle approval, key management, real -time policy synchronization and auditing and are authorized for remote commands such as locking, resetting or drying of lost or stolen final points.
No evidence of abuse
The vulnerabilities determined by the latest programs are listed below:
CVE-2025-49212
CVE-2025-49213
CVE-2025-49216
CVE-2025-49217
CVE-2025-49219
CVE-2025-49212
All of these are considered either high severity or critical. More details about them can be found at this link.
While trend -micro -voltages There is no evidence of abuse in nature, it still encourages its users to use the corrections and secure their premises as soon as possible.
There are no mitigation or solutions, and the only way to secure the endpoints is to bring TMee to version 6.0.0.4013 (Patch 1 update 6) and for Apex Central to install Patch B7007.
Just because threat actors did not take advantage of the deficiencies yet doesn’t mean they don’t. Many hacking groups are watching newly released patches to try to exploit the vulnerabilities, banking at the fact that many organizations do not rush to install the corrections.
For example, in March 2025, Trend Micro warned about a Windows zero-day vulnerability that has been unmatched for eight years and has been exploited by 11 nation-state attacks and countless financially motivated groups.
Via Bleeping computer
