Trend Micro warns of critical Apex One vulnerability

Trend Micro warns of a severe vulnerability affecting its Apex One platform requiring urgent attention.

Trend Micro alerts customers to Apex One vulnerability

Trend Micro has alerted its customers about a serious remote code execution vulnerability in its Apex One endpoint security platform. The vulnerability, identified as CVE-2025-54948 and CVE-2025-54987 based on CPU architecture, is caused by a command injection flaw in the on-premise Apex One Management Console. This issue allows pre-authenticated attackers to execute arbitrary code on unpatched systems. Although Trend Micro has not yet provided a patch, it has released a temporary mitigation tool to help protect against these attacks. The Japanese CERT has also warned users to take immediate action to safeguard their systems. Additionally, Trend Micro plans to release a security update in mid-August 2025 to resolve this vulnerability and restore functionality affected by the mitigation tool.

The security risk posed by the Apex One vulnerability highlights ongoing challenges in cybersecurity for organizations using endpoint security systems. As malicious actors become more sophisticated, reliance on timely updates and proactive security measures becomes crucial. The situation underscores the importance of maintaining robust cybersecurity practices, including restricting access to management consoles and monitoring for signs of exploitation. The delay in patches may foster an unsafe environment for affected customers.

Highlights

As the cybersecurity landscape evolves, vigilance remains essential for users of Apex One.