Trend Micro Apex Central Widget v<8.0.6955 Unrestricted File Upload
CVE-2025-47866 Published on June 17, 2025
An unrestricted file upload vulnerability in a Trend Micro Apex Central widget below version 8.0.6955 could allow an attacker to upload arbitrary files on affected installations.
Vulnerability Analysis
CVE-2025-47866 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.
Weakness Type
Undefined Behavior for Input to API
The behavior of this function is undefined unless its control parameter is set to a specific value.
Products Associated with CVE-2025-47866
Want to know whenever a new CVE is published for TrendMicro Apex Central? stack.watch will email you.
Affected Versions
Trend Micro, Inc. Trend Micro Apex Central:- Version 8.0 and below 8.0.6955 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.