Forwarded from TWCERTCC-200-202506-00000012
Trend Micro Endpoint Encryption PolicyServer (TMEE) is a Trend Micro product that provides full-disk and removable media encryption for Windows devices in enterprises. It is widely used in highly regulated industries that must comply with data protection regulations. A major security advisory was recently released to patch several vulnerabilities:
【CVE-2025-49212, CVSS: 9.8】 TMEE has an insecure deserialization operation that allows unauthenticated remote attackers to execute arbitrary code on affected TMEE installations.
【CVE-2025-49213, CVSS: 9.8】 TMEE has an insecure deserialization operation that allows unauthenticated remote attackers to execute arbitrary code on affected TMEE installations.
【CVE-2025-49214, CVSS: 8.8】 TMEE has an insecure deserialization operation that allows an authenticated attacker to execute code remotely. The attacker must first obtain the ability to execute low-privileged code on the target system.
【CVE-2025-49215, CVSS: 8.8】 TMEE has an SQL injection vulnerability that allows an authenticated attacker to affect the privileges of the installation. The attacker must first obtain the ability to execute low-privileged code on the target system.
【CVE-2025-49216, CVSS: 9.8】 This vulnerability allows an attacker to bypass authentication, access critical methods as an administrator, and modify product configurations.
【CVE-2025-49217, CVSS: 9.8】 TMEE has an insecure deserialization operation that allows unauthenticated remote attackers to execute arbitrary code on affected TMEE installations.