Platform: other
Component: trend-vision-one
Fixed in: NA (the fix was applied to the backend service; no client-side version is listed)
CVE-2025-31282 describes a broken access control vulnerability in the Trend Vision One User Account component. The flaw allowed administrators to create users and then modify those users' roles, potentially leading to privilege escalation and unauthorized access. The vulnerability has been addressed on the backend service, but it underlines the importance of robust access control measures. Affected versions are those prior to the backend fix; no specific fixed version number is listed (NA).
The primary impact of CVE-2025-31282 is privilege escalation. An attacker who successfully exploited this vulnerability could create a user account and then manipulate that account's role to gain administrative privileges. This could grant access to sensitive data, the ability to modify system configurations, and potentially compromise the entire Trend Vision One deployment. The blast radius extends to any data or functionality accessible to administrators within the system. Although the vulnerability is no longer active because of the backend fix, understanding the potential impact remains important for assessing historical risk and maintaining an ongoing security posture.
CVE-2025-31282 was disclosed on 2025-04-02. No public proof-of-concept (POC) code has been released. The vulnerability is not currently listed on CISA KEV. Given the backend fix, the probability of exploitation is considered low, but historical exposure remains a concern. The vulnerability highlights the importance of timely patching and proactive security assessments.
Exploit Status
EPSS: 0.13% (33rd percentile)
CISA SSVC: not provided
CVSS Vector: not provided
Although the vulnerability has been addressed on the backend service, it is still worth reviewing and strengthening access control configurations within Trend Vision One. Conduct a thorough audit of user roles and permissions and enforce the principle of least privilege. Require multi-factor authentication (MFA) for all administrative accounts. Regularly review audit logs for suspicious activity related to user account creation or role modifications. Because no specific fixed version is available, focus on hardening existing configurations and implementing compensating controls.
This issue has already been fixed in the Trend Vision One backend service. No action is required on the user's part.
CVE-2025-31282 is a medium severity vulnerability in Trend Vision One that allowed administrators to escalate privileges by manipulating user roles. It affected versions prior to the backend service fix (no fixed version number is listed, NA); the backend service has since been fixed.
If you were using Trend Vision One before the backend service fix, you were potentially affected. The vulnerability is no longer considered active.
Since no specific fixed version is provided, focus on reviewing and strengthening access control configurations, enforcing least privilege, and requiring MFA for administrative accounts.
No active exploitation has been confirmed. The vulnerability has been addressed on the backend service, significantly reducing the risk.
Refer to Trend Micro's security advisory page for the latest information and updates regarding CVE-2025-31282.