SB2025060965 - Multiple vulnerabilities in Trend Micro Apex One
Published: June 9, 2025 Updated: June 12, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 5 secuirty vulnerabilities.
1) Improper access control (CVE-ID: CVE-2025-49154)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access restrictions. A local user can overwrite key memory-mapped files and escalate privileges on the system.
2) Untrusted search path (CVE-ID: CVE-2025-49158)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to usage of an untrusted search path. A local user can place a malicious binary into a specific location on the system and execute arbitrary code with escalated privileges.
3) Insecure DLL loading (CVE-ID: CVE-2025-49155)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to the application loads DLL libraries in an insecure manner. A remote attacker can place a specially crafted .dll file on a remote SMB fileshare, trick the victim into opening a file, associated with the vulnerable application, and execute arbitrary code on victim's system.
4) Link following (CVE-ID: CVE-2025-49156)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an insecure link following issue. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
5) Link following (CVE-ID: CVE-2025-49157)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an insecure link following issue. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
Remediation
Install update from vendor's website.