- Trend Micro patches multiple high- and critical-severity flaws
- The issues were found in Apex Central and Endpoint Encryption PolicyServer
- There are no workarounds or mitigations
Trend Micro has fixed a handful of critical-severity vulnerabilities it recently discovered in a pair of enterprise-level tools.
In security advisories, the company said it fixed six remote code execution, and authentication bypass vulnerabilities, in Apex Central and Endpoint Encryption (TMEE) PolicyServer products.
Apex Central is a web‑based centralized management console designed for IT and security teams in mid‑sized to enterprise organizations using Trend Micro’s security products across endpoints, servers, email, and network. Endpoint Encryption PolicyServer, on the other hand, is a central management server used to manage encryption policies across devices. Users can handle authentication, key management, real-time policy synchronization and auditing, and are allowed remote commands such as locking, resetting or wiping lost or stolen endpoints.
No evidence of abuse
The vulnerabilities fixed with the most recent patches are listed below:
CVE-2025-49212
CVE-2025-49213
CVE-2025-49216
CVE-2025-49217
CVE-2025-49219
CVE-2025-49212
All of these are deemed either high-severity, or critical. More details about them can be found on this link.
While Trend Micro stresses there is no evidence of abuse in the wild, it still urges its users to apply the fixes and secure their premises as soon as possible.
There are no mitigations, or workarounds, and the only way to secure the endpoints is to bring TMEE to version 6.0.0.4013 (Patch 1 Update 6), and for Apex Central, to install the Patch B7007.
Just because threat actors did not take advantage of the flaws yet, it doesn’t mean they won’t. Many hacking groups watch for newly-released patches to try and exploit the vulnerabilities, banking on the fact that many organizations don’t rush with installing the fixes.
For example, in March 2025, Trend Micro warned about a Windows zero-day vulnerability which has remained unpatched for eight years and has been exploited by 11 nation-state attackers, and countless financially motivated groups.
Via BleepingComputer
Leave a comment