cbcvebase.
CVE-2025-49216
published 2025-06-17

CVE-2025-49216: An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and…

PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.49%
38.3th percentile
An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as an admin user and modify product configurations on affected installations.

Affected

2 ranges
VendorProductVersion rangeFixed in
trend_micro_inctrend_micro_endpoint_encryption_policy_server>= 6.0 < 6.0.0.40136.0.0.4013
trendmicrotrend_micro_endpoint_encryption< 6.0.0.40136.0.0.4013
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.