Friday , June 13 2025
Apex One

Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code

infosecbulletin 21 hours ago Alert, Vulnerabilities

Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within the system.

The company issued emergency patches on June 9, 2025, for five vulnerabilities (CVE-2025-49154 to CVE-2025-49158) rated medium to high on the CVSS 3.0 scale.

High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation

By infosecbulletin / Friday , June 13 2025
HashiCorp has revealed a critical vulnerability in its Nomad tool that may let attackers gain higher privileges by misusing the...
Read More
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation

SoftBank: Over 137,000 personal info leaked

By infosecbulletin / Friday , June 13 2025
SoftBank has disclosed that personal information of more than 137,000 mobile subscribers—covering names, addresses, and phone numbers—might have been leaked...
Read More
SoftBank: Over 137,000 personal info leaked

Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code

By infosecbulletin / Friday , June 13 2025
Serious security vulnerabilities in Trend Micro Apex One could allow attackers to inject malicious code and elevate their privileges within...
Read More
Alert Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Action

By infosecbulletin / Thursday , June 12 2025
Aim Labs discovered a zero-click AI vulnerability named “EchoLeak” in Microsoft 365 Copilot and reported several ways to exploit it...
Read More
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Action

Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps

By infosecbulletin / Wednesday , June 11 2025
On Tuesday, Adobe released security updates for 254 vulnerabilities in its software, mainly affecting Experience Manager (AEM). There are 254...
Read More
Adobe Releases Patch Fixing 254 Vulnerabilities With High-Severity Security Gaps

Alert
40,000 + live internet cameras exposed globally !

By infosecbulletin / Wednesday , June 11 2025
A new report from Bitsight reveals that over 40,000 internet-connected security cameras around the world are exposed, broadcasting live footage...
Read More
Alert 40,000 + live internet cameras exposed globally !

Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched

By infosecbulletin / Wednesday , June 11 2025
Microsoft's June Patch Tuesday update has arrived, addressing 66 vulnerabilities across its product line. One of these flaws was actively...
Read More
Microsoft patch Tuesday fix exploited zero-day and 65 vuls patched

84,000+ Roundcube instances vulnerable to actively exploited flaw

By infosecbulletin / Tuesday , June 10 2025
More than 84,000 Roundcube webmail installations are at risk due to CVE-2025-49113, a severe remote code execution (RCE) vulnerability that...
Read More
84,000+ Roundcube instances vulnerable to actively exploited flaw

CVE-2025-24016
Critical Wazuh RCE Actively Exploited by Mirai Botnets

By infosecbulletin / Monday , June 9 2025
The Security Intelligence and Response Team (SIRT) at Akamai has found that multiple Mirai-based botnets are exploiting CVE-2025-24016, a critical...
Read More
CVE-2025-24016 Critical Wazuh RCE Actively Exploited by Mirai Botnets

CISA Issues Seven Advisories for Industrial Control Systems (ICS)

By infosecbulletin / Sunday , June 8 2025
On June 5, 2025, CISA released seven advisories regarding Industrial Control Systems (ICS) that highlight current security issues, vulnerabilities, and...
Read More
CISA Issues Seven Advisories for Industrial Control Systems (ICS)

CVE-2025-49154: Insecure Access Control Vulnerability
An insecure access control vulnerability in Trend Micro Apex One could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations.

CVE-2025-49155: Data Loss Prevention Uncontrolled Search Path RCE Vulnerability
An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations.

CVE-2025-49156: Scan Engine Link Following Local Privilege Escalation Vulnerability

A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations.

CVE-2025-49157: Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability

A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations.

CVE-2025-49158: Security Agent Uncontrolled Search Path Local Privilege Escalation Vulnerability

An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation privileges on affected installations.

Trend Micro released patches for all identified vulnerabilities on affected platforms.

Check Also

40000 internet

Alert
40,000 + live internet cameras exposed globally !

A new report from Bitsight reveals that over 40,000 internet-connected security cameras around the world …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin