CVE-2025-30679
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-09-08
Assigner: Trend Micro, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| trendmicro | apex_central | 2019 |
| microsoft | windows | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-918 | The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-30679 is a Server-side Request Forgery (SSRF) vulnerability in the modOSCE component of Trend Micro Apex Central (on-premise). It occurs because the application improperly validates URIs before accessing resources, which allows a remote attacker to manipulate certain parameters and cause the system to disclose sensitive information. Exploitation requires user interaction, such as visiting a malicious webpage or opening a malicious file. [1]
How can this vulnerability impact me? :
This vulnerability can lead to information disclosure, meaning an attacker could gain access to sensitive data from affected installations of Trend Micro Apex Central. Although it does not affect system integrity or availability, the confidentiality impact is high. An attacker could exploit this remotely with low complexity but requires user interaction. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this SSRF vulnerability involves monitoring for unusual requests to the modOSCE webapp widget in Trend Micro Apex Central that manipulate URI parameters. Since exploitation requires user interaction such as visiting a malicious webpage or opening a malicious file, network traffic logs should be inspected for suspicious outbound requests originating from the affected system. Specific commands are not provided in the available resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to apply the update released by Trend Micro that addresses this SSRF vulnerability in the modOSCE component of Apex Central. Additionally, restricting access to the affected webapp widget and educating users to avoid interacting with untrusted links or files can help reduce risk until the patch is applied. [1]