9.8
CVE-2025-47865
- EPSS 0.49%
- Published 17.06.2025 17:42:30
- Last modified 08.09.2025 21:04:46
- Source security@trendmicro.com
- Teams watchlist Login
- Open Login
A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Trendmicro ≫ Apex Central Version2019 Update- SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_3752 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_5158 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6016 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6288 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6394 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6481 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6511 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6571 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6658 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6660 SwEdition-
Trendmicro ≫ Apex Central Version2019 Updatebuild_6890 SwEdition-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.49% | 0.644 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| security@trendmicro.com | 7.5 | 1.6 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-475 Undefined Behavior for Input to API
The behavior of this function is undefined unless its control parameter is set to a specific value.