Lucene search
K
TrendmicroTrend Micro Endpoint Encryption

9 matches found

CVE
CVE
โ€ขadded 2023/03/14 9:51 p.m.โ€ข92 views

CVE-2023-28005

Summary: CVE-2023-28005 affects Trend Micro Endpoint Encryption Full Disk Encryption (TMEE FDE) โ‰ค 6.0.0.3204. The issue enables bypass of the Windows Secure Boot process when an attacker has physical access, potentially enabling further attacks to access device contents. The encrypted drive remai...

6.8CVSS6.3AI score0.00196EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:27 p.m.โ€ข44 views

CVE-2025-49212

CVE-2025-49212 affects Trend Micro Endpoint Encryption PolicyServer. An insecure deserialization operation could allow pre-authentication remote code execution on affected installations. The CVSSv3.1 vector is NETWORK/LOW/ NONE, with HIGH impact on confidentiality, integrity, and availability (ba...

9.8CVSS9.7AI score0.08324EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:27 p.m.โ€ข40 views

CVE-2025-49213

CVE-2025-49213 describes an insecure deserialization flaw in the Trend Micro Endpoint Encryption PolicyServer that could allow pre-authentication remote code execution on affected installations. According to the available description, the vulnerability is in a different method than CVE-2025-49212...

9.8CVSS9.7AI score0.08324EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:16 p.m.โ€ข36 views

CVE-2025-49211

CVE-2025-49211 describes a SQL injection in Trend Micro Endpoint Encryption PolicyServer that can escalate privileges. Public details identify the flaw in the BuildEnterpriseSearchString SQL construction as the root cause and note that authentication is reportedly required but can be bypassed to ...

7.8CVSS8AI score0.00113EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:28 p.m.โ€ข30 views

CVE-2025-49216

The CVE-2025-49216 entry relates to Trend Micro Endpoint Encryption PolicyServer. The connected ZDI advisory (ZDI-25-373) states an authentication bypass exists in the DbAppDomain service, enabling remote attackers to bypass authentication and act with admin-level access to modify product configu...

9.8CVSS9.7AI score0.00489EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:28 p.m.โ€ข30 views

CVE-2025-49218

CVE-2025-49218 describes a post-auth SQL injection vulnerability in Trend Micro Endpoint Encryption PolicyServer that could allow privilege escalation. The affected component is the PolicyServerโ€™s handling of SQL queries after an attacker already has execution capability with low privileges on th...

7.8CVSS8.6AI score0.00113EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:28 p.m.โ€ข29 views

CVE-2025-49217

CVE-2025-49217 pertains to Trend Micro Endpoint Encryption PolicyServer and describes an insecure deserialization vulnerability that could allow pre-authentication remote code execution on affected installations. The CVE entry notes this issue is similar to CVE-2025-49213 but in a different metho...

9.8CVSS9.8AI score0.01024EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:27 p.m.โ€ข26 views

CVE-2025-49214

CVE-2025-49214 concerns Trend Micro Endpoint Encryption PolicyServer with an insecure deserialization flaw that could enable post-auth remote code execution. Affected component/behavior: deserialization function in PolicyServer; root cause described as insecure deserialization. Impact: high acros...

8.8CVSS9AI score0.00772EPSS
CVE
CVE
โ€ขadded 2025/06/17 8:28 p.m.โ€ข24 views

CVE-2025-49215

CVE-2025-49215 describes a post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer that can lead to privilege escalation on affected installations. The main affected component is PolicyServer; the underlying issue is an SQL injection flaw exploitable after the at...

8.8CVSS8.2AI score0.00347EPSS