Trend Micro warns of an actively exploited remote code execution vulnerability in its Apex One endpoint security platform and urges immediate action before security patches are released in mid-August 2025. The flaw is caused by command injection in the Management Console, and a mitigation tool is available as a short-term solution. #CVE-2025-54948 #CVE-2025-54987 #ApexOne #TrendMicro
Key points
- Trend Micro has identified a critical remote code execution vulnerability in Apex One, tracked as CVE-2025-54948 and CVE-2025-54987.
- The vulnerability involves command injection in the Apex One Management Console, allowing pre-authenticated attackers to execute arbitrary code remotely.
- Trend Micro has issued a mitigation tool for short-term protection but has not yet released an official security patch.
- A patch fixing the vulnerability is expected to be released around mid-August 2025, restoring full management capabilities.
- Affected users are advised to implement source restrictions and secure exposed console IPs until patches are available.