- Trend Micro warns its customers of a critical-severity flaw in its endpoint protection solution
- It released a mitigation while it works on a patch
- Users are advised to apply the mitigation as soon as possible
Trend Micro warns customers of an ongoing attack that abuses a critical severity vulnerability in one of its products.
The company said it recently discovered a command injection vulnerability in the on-prem version of its Apex One Management Console, an advanced endpoint security solution designed to protect corporate networks from a wide range of threats.
The vulnerability is tracked as either CVE-2025-54948 or CVE-2025-54987, depending on the CPU architecture, and was assigned a severity score of 9.4/10 (critical). It allows threat actors to run arbitrary code with elevated privileges, including malware.
Working on a patch
Trend Micro said it is aiming to release a patch in mid-August 2025, which should also restore the function that the mitigation disables.
“For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console’s IP address exposed externally should consider mitigating factors, such as source restrictions, if they are not already used,” the company said.
“While exploitation may require that several specific conditions be met, Trend Micro strongly urges customers to update to the latest builds as soon as possible.”
So far, the company has seen at least one attack in the wild, although it did not detail where, against whom, whether it was effective, or who the threat actors are.
Since Apex One is mostly used in corporate environments and the flaw allows remote code execution, it is safe to assume that miscreants use it to drop infostealers and ransomware encryptors while stealing sensitive files for extortion.
As the flaws are now being abused in the wild, Trend Micro released a mitigation measure to help defend its customers while it works on a patch. According to the Japanese CERT, the mitigation prevents administrators from using the Remote Install Agent function to deploy agents from the console.
Via BleepingComputer



