CNNVD-202506-2123 Information

CNNVD ID

CNNVD-202506-2123

Related CVE

CVE-2025-49218

• CNNVD Published: 2025-06-17

Description (Chinese)

Trend Micro Endpoint Encryption PolicyServer是美国趋势科技（Trend Micro）公司的一个中央管理服务器。 Trend Micro Endpoint Encryption PolicyServer存在安全漏洞，该漏洞源于认证后SQL注入问题，可能导致权限提升。

Description (English)

Trend Micro Endpoint Environmental Policy Server is a central management server for Trend Micro. There is a security loophole in Trend Micro Endpoint Enterprise PolicyServer, which stems from a post-certification SQL injection problem and may lead to an increase in privileges.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

趋势科技

Published

2025-06-17

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-375/ https://success.trendmicro.com/en-US/solution/KA-0019928 https://nvd.nist.gov/vuln/detail/CVE-2025-49218

Patch

https://success.trendmicro.com/en-US/solution/KA-0019928