CVE-2025-49385

CWE-643 documents3 sources

Severity

7.1HIGH

EPSS

0.2%

top 61.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Trend Micro, Inc. Trend Micro Internet Security (consumer)Trendmicro Maximum Security 2022

Timeline

PublishedJun 17

Description

Trend Micro Security 17.8 (Consumer) is vulnerable to a link following local privilege escalation vulnerability that could allow a local attacker to unintentionally delete privileged Trend Micro files including its own.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5trend_micro,_inc./trend_micro_internet_security_(consumer)17.8 — 17.8.1464

▶NVDtrendmicro/maximum_security_202217.8

🔴Vulnerability Details

CVEList

CVE-2025-49385: Trend Micro Security 17↗2025-06-17

▶

GHSA

GHSA-8qp3-9598-wcp2: Trend Micro Security 17↗2025-06-17

▶