CVE-2025-30680: 
Apex Central vulnerability analysis and mitigation

CVE-2025-30680 is a Server-side Request Forgery (SSRF) vulnerability discovered in Trend Micro Apex Central (SaaS). The vulnerability was disclosed on June 17, 2025, and specifically affects the SaaS instance of Apex Central. This security flaw has been assigned a CVSS v3.1 score of 7.1 (HIGH) and is classified under CWE-918 (Server-Side Request Forgery) (NVD, Wiz).

The vulnerability exists within the implementation of the Query method in Trend Micro Apex Central (SaaS). The specific flaw stems from the lack of proper validation of a URI prior to accessing resources, which could allow an attacker to manipulate certain parameters. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.1 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N, indicating network accessibility, low attack complexity, and required low privileges (ZDI Advisory).

If successfully exploited, this vulnerability could allow an authenticated attacker to disclose sensitive information in the context of the service account. The high confidentiality impact rating in the CVSS score indicates significant potential for information disclosure (ZDI Advisory).

Trend Micro has addressed this vulnerability in the March 2025 Monthly Maintenance Release for Apex Central (SaaS). Customers who automatically apply Trend Micro's monthly maintenance releases to their SaaS instance do not need to take any further action. The vulnerability only affects the SaaS instance of Apex Central (Trend Advisory).