Vulnerabilidades en Trend Micro, Inc.
180 resultadosAnálisis Vexday
O portfólio de vulnerabilidades da Trend Micro, Inc. reúne 180 CVEs catalogadas, das quais 3 estão confirmadas em exploração ativa no catálogo KEV da CISA — representando uma taxa 3,7 vezes acima da média geral do catálogo, sinal que merece atenção prioritária de equipes de resposta. A falha mais crítica em exploração ativa no momento é CVE-2025-54948, com pontuação EPSS de 0,2025, indicando probabilidade relevante de exploração continuada. O tipo de falha mais recorrente é CWE-346 (validação de origem em requisições), padrão que sugere fragilidades no controle de confiança entre componentes. Com 13 CVEs de severidade crítica, 16 surgidas nos últimos 90 dias e um EPSS máximo observado de 0,6894, o ritmo de novas exposições e o potencial de exploração justificam monitoramento contínuo e aplicação ágil de correções.
CVE-2023-52093HIGHAn exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affecteEPSS 0.2%CVE-2026-45206HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-34930HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-45207HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2026-34928HIGHAn origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. EPSS 0.2%CVE-2025-53503HIGHTrend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to unintentionally deletEPSS 0.2%CVE-2024-36473MEDIUMTrend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file overwrite or create attack but is limited to loEPSS 0.2%CVE-2023-28005MEDIUMA vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical aEPSS 0.2%CVE-2022-48191HIGHA vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can write a known malicious executable to aEPSS 0.2%CVE-2023-32555—A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalaEPSS 0.2%CVE-2023-32554—A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalaEPSS 0.2%CVE-2025-48443MEDIUMTrend Micro Password Manager (Consumer) version 5.0.0.1266 and below is vulnerable to a Link Following Local Privilege Escalation VulnerabilEPSS 0.2%CVE-2024-45335HIGHTrend Micro Antivirus One, version 3.10.4 and below contains a vulnerability that could allow an attacker to use a specifically crafted viruEPSS 0.2%CVE-2022-44651HIGHA Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalaEPSS 0.2%CVE-2025-49157HIGHA link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on afEPSS 0.2%CVE-2024-58104HIGHA vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing sEPSS 0.2%CVE-2024-58105HIGHA vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing sEPSS 0.2%CVE-2025-30641HIGHA link following vulnerability in the anti-malware solution portion of Trend Micro Deep Security 20.0 agents could allow a local attacker toEPSS 0.2%CVE-2025-30640HIGHA link following vulnerability in Trend Micro Deep Security 20.0 agents could allow a local attacker to escalate privileges on affected instEPSS 0.2%CVE-2025-52837HIGHTrend Micro Password Manager (Consumer) version 5.8.0.1327 and below is vulnerable to a Link Following Privilege Escalation Vulnerability thEPSS 0.2%