PT-2025-29145 · Trend Micro · Trend Micro Worry-Free Business Security Services
Nicolas Caluori
·
Published
2025-02-21
·
Updated
2025-07-15
·
CVE-2025-53378
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Trend Micro Worry-Free Business Security Services (WFBSS) agent (affected versions not specified)
Description:
A missing authentication issue in the Trend Micro Worry-Free Business Security Services (WFBSS) agent could allow an unauthenticated attacker to remotely take control of the agent on affected installations. This issue only affected the SaaS client version of WFBSS; the on-premise version of Worry-Free Business Security was not affected.
Recommendations:
Ensure WFBSS agents are on the regular SaaS maintenance deployment schedule.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trend Micro Worry-Free Business Security Services