Trend Micro Endpoint Encryption PolicyServer Insecure Deserialization Remote Code Execution Vulnerability

A remote code execution vulnerability has been identified in Trend Micro Endpoint Encryption PolicyServer versions prior to 6.0.0.4013. This vulnerability arises from an insecure deserialization operation, which can be exploited to execute arbitrary code on the affected system. The issue is present in the PolicyValueTableSerializationBinder class and can be leveraged by remote attackers without authentication, allowing the executed code to run with SYSTEM privileges.

Impact

Exploitation of this vulnerability allows for pre-authentication remote code execution on affected systems, with the executed code running in the context of the SYSTEM user.

Remediation

Trend Micro has released a patch for this vulnerability in Endpoint Encryption PolicyServer version 6.0.0.4013. This update is available now. Customers are advised to visit the Trend Micro Download Center to obtain any prerequisite software before applying the patch.