← back
CVE-2025-47867

CVE-2025-47867

CVSS 7.5 HIGHEPSS 1.3%CWE-74
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5EPSS 1.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Jun 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A Local File Inclusion vulnerability in a Trend Micro Apex Central widget in versions below 8.0.6955 could allow an attacker to include arbitrary files to execute as PHP code and lead to remote code execution on affected installations.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Trend Micro, Inc. · Trend Micro Apex Central

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/en-US/solution/KA-0019355https://www.zerodayinitiative.com/advisories/ZDI-25-297/