CVE-2025-49487

{"id": "CVE-2025-49487", "cveTags": [{"tags": ["exclusively-hosted-service"], "sourceIdentifier": "security@trendmicro.com"}], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security@trendmicro.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2025-06-17T19:15:34.180", "references": [{"url": "https://success.trendmicro.com/en-US/solution/KA-0019936", "tags": ["Vendor Advisory"], "source": "security@trendmicro.com"}, {"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-360/", "tags": ["Third Party Advisory"], "source": "security@trendmicro.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@trendmicro.com", "description": [{"lang": "en", "value": "CWE-427"}]}], "descriptions": [{"lang": "en", "value": "An uncontrolled search path vulnerability in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could have allowed an attacker with physical access to a machine to execute arbitrary code on affected installations.\r\n\r\nAn attacker must have had physical access to the target system in order to exploit this vulnerability due to need to access a certain hardware component.\r\n\r\nAlso note: this vulnerability only affected the SaaS client version of WFBSS only, meaning the on-premise version of Worry-Free Business Security was not affected, and this issue was addressed in a previous WFBSS monthly maintenance update. Therefore no other customer action is required to mitigate if the WFBSS agents are on the regular SaaS maintenance deployment schedule and this disclosure is for informational purposes only."}, {"lang": "es", "value": "Una vulnerabilidad de ruta de b\u00fasqueda no controlada en el agente de Trend Micro Worry-Free Business Security Services (WFBSS) podr\u00eda haber permitido que un atacante con acceso f\u00edsico a una m\u00e1quina ejecutara c\u00f3digo arbitrario en las instalaciones afectadas. Un atacante debe haber tenido acceso f\u00edsico al sistema objetivo para explotar esta vulnerabilidad debido a la necesidad de acceder a un componente de hardware espec\u00edfico. Nota: Esta vulnerabilidad solo afect\u00f3 a la versi\u00f3n cliente SaaS de WFBSS, lo que significa que la versi\u00f3n local de Worry-Free Business Security no se vio afectada. Este problema se solucion\u00f3 en una actualizaci\u00f3n de mantenimiento mensual anterior de WFBSS. Por lo tanto, no se requiere ninguna otra acci\u00f3n del cliente para mitigarlo si los agentes de WFBSS se encuentran en el programa de implementaci\u00f3n de mantenimiento SaaS regular. Esta divulgaci\u00f3n es solo para fines informativos."}], "lastModified": "2025-10-09T17:03:22.883", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security_services:*:*:*:*:saas:*:*:*", "vulnerable": true, "matchCriteriaId": "661DB84A-9A36-4297-9ED9-211C222EEB80", "versionEndExcluding": "6.7.3954", "versionStartIncluding": "6.7.0.0"}, {"criteria": "cpe:2.3:a:trendmicro:worry-free_business_security_services:*:*:*:*:saas:*:*:*", "vulnerable": true, "matchCriteriaId": "0BDE03F7-BC04-48CA-B03B-893489B41F5F", "versionEndExcluding": "14.3.1299", "versionStartIncluding": "14.0.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "security@trendmicro.com"}