CVE-2025-47865
Published: 17 June 2025
Summary
CVE-2025-47865 is a high-severity Undefined Behavior for Input to API (CWE-475) vulnerability in Trendmicro Apex Central. Its CVSS base score is 7.5 (High).
Operationally, ranked in the top 17.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
A Local File Inclusion vulnerability affects a widget component in Trend Micro Apex Central versions below 8.0.6955. Tracked as CVE-2025-47865 with a CVSS 3.1 score of 7.5, the flaw stems from improper handling that can be abused to include arbitrary local files and ultimately execute attacker-controlled code on the server.
An authenticated attacker with low privileges can reach the vulnerable widget over the network. Although the attack requires high complexity and no user interaction, successful exploitation grants remote code execution with full impact on confidentiality, integrity, and availability of the Apex Central installation.
Advisories published by Trend Micro and the Zero Day Initiative at the referenced URLs describe the affected widget and the version that resolves the issue. The current EPSS score of 0.0171 with a peak of 0.0190 indicates low and stable exploitation interest since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-18519
Vulnerability details
A Local File Inclusion vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to gain remote code execution on affected installations.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.