Trend Micro has issued patches for ten vulnerabilities in Apex Central and Endpoint Encryption PolicyServer, including critical remote code execution flaws. Although the flaws have not yet been exploited in the wild, timely patching is crucial to mitigate potential risks. #CVE-2025-49219 #CVE-2025-49220 #CVE-2025-49212 #CVE-2025-49213 #CVE-2025-49214
Key points
- Ten vulnerabilities across Apex Central and Endpoint Encryption PolicyServer have been patched by Trend Micro.
- Two critical RCE flaws in Apex Central are tracked as CVE-2025-49219 and CVE-2025-49220, both with a CVSS score of 9.8.
- Eight flaws in Endpoint Encryption PolicyServer include four critical deserialization vulnerabilities and four high-severity issues, such as SQL injection.
- Three of the critical vulnerabilities involve deserialization of untrusted data leading to unauthenticated RCE.
- Trend Micro emphasizes that none of these vulnerabilities have been exploited in real-world attacks, but users should apply patches promptly.