Primary

Context

Trend Micro Endpoint Encryption PolicyServer Deserialization Vulnerability Leading to Pre-Authentication Remote Code Execution

Vulnerability

A vulnerability allowing pre-authentication remote code execution has been identified in Trend Micro Endpoint Encryption PolicyServer versions prior to 6.0.0.4013. This issue arises from an insecure deserialization operation that fails to properly validate user-supplied data, enabling remote attackers to execute arbitrary code on affected installations. The executed code runs in the context of the SYSTEM user.

Impact

Exploitation of this vulnerability allows remote attackers to execute arbitrary code on the affected system with SYSTEM privileges.

Remediation

Users are advised to update to Trend Micro Endpoint Encryption PolicyServer version 6.0.0.4013 or later. The update is available through the Trend Micro Download Center.

Added: Jun 17, 2025, 9:37 PM

Updated: Jun 17, 2025, 9:37 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

7.7

relevance

0.2

threat

0.1

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Trend Micro Endpoint Encryption PolicyServer Deserialization Vulnerability Leading to Pre-Authentication Remote Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating