Trend Micro has released patches for two critical remote code execution vulnerabilities in its Apex One endpoint platform caused by path traversal flaws in the management console. Customers with externally exposed Apex One consoles should install Critical Patch Build 14136 or apply the SaaS updates immediately to mitigate these issues and related agent fixes. #TrendMicro #ApexOne
Keypoints
- Trend Micro patched two critical Apex One vulnerabilities that enable remote code execution on Windows systems.
- CVE-2025-71210 is a path traversal flaw in the Apex One management console that can allow attackers without privileges to execute code.
- CVE-2025-71211 is a similar path traversal vulnerability affecting a different Apex One executable.
- Exploitation requires access to the Apex One Management Console, so externally exposed console IPs should use source restrictions and other mitigations.
- The fixes are included in SaaS updates and Critical Patch Build 14136, which also addresses additional high-severity agent issues; CISA tracks multiple exploited Apex vulnerabilities.