CVE-2025-49220

Name of the Vulnerable Software and Affected Versions Trend Micro Apex Central versions prior to 8.0.7007

Description The issue is related to an insecure deserialization operation, which could lead to a pre-authentication remote code execution on affected installations. This vulnerability is similar to another issue but affects a different method.

Recommendations For versions prior to 8.0.7007, update to version 8.0.7007 or later to resolve the issue. As a temporary workaround, consider restricting access to the ConvertFromJson deserialization method until a patch is available.