Trendmicro Trend Micro Endpoint Encryption — known CVE vulnerabilities
Every CVE whose affected-product data names Trendmicro Trend Micro Endpoint Encryption, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2025-49216 — CVSS 9.8 (critical): An authentication bypass vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to access key methods as…
CVE-2025-49217 — CVSS 9.8 (critical): An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code…
CVE-2025-49212 — CVSS 9.8 (critical): An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code…
CVE-2025-49213 — CVSS 9.8 (critical): An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a pre-authentication remote code…
CVE-2025-49214 — CVSS 8.8 (high): An insecure deserialization operation in the Trend Micro Endpoint Encryption PolicyServer could lead to a post-authentication remote code…
CVE-2025-49215 — CVSS 8.8 (high): A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges…
CVE-2025-49218 — CVSS 7.7 (high): A post-auth SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges…
CVE-2025-49211 — CVSS 7.7 (high): A SQL injection vulnerability in the Trend Micro Endpoint Encryption PolicyServer could allow an attacker to escalate privileges on…
CVE-2023-28005 — CVSS 6.8 (medium): A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical…