Trend Micro Warns of Apex One Zero-Day Exploited in Attacks

Trend Micro warns of Apex One zero-day exploited in attacks

Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform. [...]

CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild

Trend Micro releases a temporary mitigation tool to reduce exposure to two unpatched zero-day command injection vulnerabilities which have been exploited. Background On August 5, Trend Micro released a security advisory for two critical flaws affecting on-prem versions of Apex One Management Console. According to the advisory, Trend Micro has observed active exploitation of the vulnerabilities. CVE Description CVSSv3 CVE-2025-54987 Trend Micro…

Trend Micro Apex One Flaws Actively Exploited

Trend Micro has confirmed that critical vulnerabilities in its on-premise Apex One security solution are being actively exploited in the wild. The flaws, tracked as CVE-2025-54948 and CVE-2025-54987, both carry a severe 9.4 CVSS score and can lead to remote code execution (RCE). While Trend Micro has patched its cloud offering, on-premise customers must apply a temporary fix tool immediately to protect against these threats, with a full patch ex…

Trend Micro Apex One Flaws Exploted In The Wild (CVE-2025-54948, CVE-2025-54987) - Cybernoz - Cybersecurity News

Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, the company has warned on Wednesday. Unfortunately for those organizations that use it, a patch is still in the works and is expected to be released around the middle of August 2025. But the company has provided a “fix tool” that mitigates the risk …

Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) - Help Net Security

Critical vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting Trend Micro Apex One on-prem are being probed by attackers.

Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems

Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), both rated 9.4 on the CVSS scoring system, have been described as management console command injection and remote code execution flaws. "A vulnerability in Trend Micro