Source: Ministry of education information & communication security contingency platform
Publication Number | TACERT-ANA-2025061811064949 | Publication Time | 2025/06/18 11:35 |
Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/06/18 11:35 |
Impact Level | Low |
[Subject] [Vulnerability Alert] Multiple Critical Vulnerabilities in Trend Micro Endpoint Encryption PolicyServer |
[Content] Forwarded from TWCERTCC-200-202506-00000012

Trend Micro Endpoint Encryption PolicyServer (TMEE) is an enterprise-grade solution that offers full-disk and portable media encryption for Windows devices. It is widely adopted in heavily regulated industries that must comply with data protection regulations. Recently, multiple critical vulnerabilities were disclosed and patched:

CVE-2025-49212 (CVSS: 9.8): TMEE is affected by unsafe deserialization, allowing unauthenticated remote attackers to execute arbitrary code on vulnerable TMEE installations.
CVE-2025-49213 (CVSS: 9.8): Another instance of unsafe deserialization, also allowing unauthenticated remote code execution.
CVE-2025-49214 (CVSS: 8.8): Authenticated attackers with low privilege code execution capabilities can exploit unsafe deserialization to run arbitrary code remotely.
CVE-2025-49215 (CVSS: 8.8): Authenticated attackers with limited access can perform SQL injection attacks to escalate privileges.
CVE-2025-49216 (CVSS: 9.8): Authentication bypass vulnerability allows attackers to access critical methods and modify product configurations with administrator privileges.
CVE-2025-49217 (CVSS: 9.8): Yet another unsafe deserialization vulnerability, permitting unauthenticated remote code execution.

Information Sharing Level: WHITE (Information content can be publicly disclosed) |
[Affected Platform] Trend Micro Endpoint Encryption (TMEE) PolicyServer versions prior to 6.0.0.4013 |
[Recommended Actions] Update Trend Micro Endpoint Encryption (TMEE) PolicyServer to version 6.0.0.4013 or later. |
[Reference] https://www.twcert.org.tw/tw/cp-169-10186-4abcc-1.html |