In a year already marked by a surge in zero-day exploits, Trend Micro once again demonstrates why it’s a global leader in proactive cybersecurity. Two recent critical vulnerabilities — one in Microsoft SharePoint and the other in Cisco Identity Services Engine (ISE) — have surfaced as major threats to enterprise environments. Thanks to the Trend Micro Zero Day Initiative (ZDI), customers were already protected months before these exploits began circulating in the wild.
Discovered during Pwn2Own Berlin 2025 by researchers from CODE WHITE GmbH, this unauthenticated remote code execution (RCE) vulnerability in Microsoft SharePoint has been weaponized in active attacks as confirmed by Microsoft on July 20, 2025.
Trend Micro’s Early Defense:
Trend Micro’s Zero Day Initiative responsibly disclosed the vulnerability to Microsoft and deployed protection for its customers via TippingPoint, mitigating risks without requiring any downtime or emergency patches.
Rated a maximum 10.0 CVSS, this critical vulnerability in Cisco Identity Services Engine (ISE and ISE-PIC) allows unauthenticated attackers to gain root access, posing an existential threat to any enterprise’s network access control layer.
Trend Micro’s Response:
This real-world exploit showcases the strength of Trend Micro’s virtual patching capability — delivering security before vendor patches are even available.
In today’s threat landscape, waiting for vendor patches is no longer an option. Trend Micro’s virtual patching gives organizations the upper hand by:
Whether you’re managing a hybrid environment or scaling across cloud, endpoint, and network, Trend Micro ensures your business stays secure — without compromise.
https://www.zerodayinitiative.com/advisories/ZDI-25-581/
https://www.zerodayinitiative.com/advisories/ZDI-25-609/
Get the latest tech news, telecom insights, and product launches wherever you prefer.
Add ProPakistani to Preferred Sources and see more of our stories in Google Search and Top Stories.