ZDI-25-374: Trend Micro Endpoint Encryption ValidateToken Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not... 12/06/2025 Zero-Day Initiative
ZDI-25-373: Trend Micro Endpoint Encryption DbAppDomain Authentication Bypass Vulnerability This vulnerability allows remote attackers to bypass authentication on affected installations of Trend Micro Endpoint Encryption. Authentication is not required... 12/06/2025 Zero-Day Initiative
ZDI-25-372: Trend Micro Endpoint Encryption GetGroupFilteredUsers SQL Injection Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required... 12/06/2025 Zero-Day Initiative
ZDI-25-371: Trend Micro Endpoint Encryption DeserializeFromBase64String Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Although authentication is... 12/06/2025 Zero-Day Initiative
ZDI-25-370: Trend Micro Endpoint Encryption PolicyServerWindowsService Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not... 12/06/2025 Zero-Day Initiative
ZDI-25-369: Trend Micro Endpoint Encryption PolicyValueTableSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Endpoint Encryption. Authentication is not... 12/06/2025 Zero-Day Initiative
ZDI-25-368: Trend Micro Endpoint Encryption BuildEnterpriseSearchString SQL Injection Privilege Escalation Vulnerability This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Endpoint Encryption. Although authentication is required... 12/06/2025 Zero-Day Initiative
ZDI-25-367: Trend Micro Apex Central ConvertFromJson Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is not... 12/06/2025 Zero-Day Initiative
ZDI-25-366: Trend Micro Apex Central GetReportDetailView Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is not... 12/06/2025 Zero-Day Initiative
ZDI-25-365: Trend Micro Apex One Security Agent ntrmv Uncontrolled Search Path Local Privilege Escalation Vulnerability This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker... 12/06/2025 Zero-Day Initiative
