Post-Authentication SQL Injection in Trend Micro Endpoint Encryption PolicyServer
CVE-2025-49218
7.7 HIGH
Key Information:
- Vendor: Trend Micro
- CVE Published: 17 June 2025
What is CVE-2025-49218?
A post-authentication SQL injection vulnerability exists in Trend Micro's Endpoint Encryption PolicyServer and may allow an attacker to escalate privileges on affected installations. To exploit this vulnerability, an attacker must first gain the ability to execute low-privileged code on the system. The exposure can have serious implications for system security and calls for immediate attention from administrators to mitigate the risk.
Affected Version(s)
Trend Micro Endpoint Encryption Policy Server 6.0 < 6.0.0.4013
CVSS V3.1
- Score: 7.7
- Severity: HIGH
- Confidentiality: Low
- Integrity: High
- Availability: Low
- Attack Vector: Local
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
Timeline
Vulnerability published
Vulnerability Reserved