Cyber Resilience

CVE-2025-47865

High

Published: 17 June 2025

Published
17 June 2025
Modified
08 September 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0171 82.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-47865 is a high-severity Undefined Behavior for Input to API (CWE-475) vulnerability in Trendmicro Apex Central. Its CVSS base score is 7.5 (High).

Operationally, ranked in the top 17.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A Local File Inclusion vulnerability affects a widget component in Trend Micro Apex Central versions below 8.0.6955. Tracked as CVE-2025-47865 with a CVSS 3.1 score of 7.5, the flaw stems from improper handling that can be abused to include arbitrary local files and ultimately execute attacker-controlled code on the server.

An authenticated attacker with low privileges can reach the vulnerable widget over the network. Although the attack requires high complexity and no user interaction, successful exploitation grants remote code execution with full impact on confidentiality, integrity, and availability of the Apex Central installation.

Advisories published by Trend Micro and the Zero Day Initiative at the referenced URLs describe the affected widget and the version that resolves the issue. The current EPSS score of 0.0171 with a peak of 0.0190 indicates low and stable exploitation interest since disclosure.

EU & UK References

Vulnerability details

A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

trendmicro
apex central
2019

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References