- CVE-2025-69258 in Trend Micro Apex Central allowed unauthorized DLL injection and remote code execution
- Critical Patch Build 7190 fixes this bug plus CVE-2025-69259 and CVE-2025-69260
- Trend Micro encourages immediate patching; restrictions such as disconnecting systems are only temporary safeguards
Trend Micro has fixed a critical vulnerability in Apex Central (on-premise) that allowed threat actors to run arbitrary code remotely.
Apex Central (on-premise) is a self-hosted centralized management platform for enterprise security that allows organizations to deploy and manage Trend Micro endpoint, server and workload protection products from a single console running inside their own infrastructure.
It was vulnerable to CVE-2025-69258, a flaw that allows threat actors to inject DLLs without any interaction with the victim. The bug was given a severity score of 9.8/10 (Critical).
Patching and review of systems
“A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthorized remote attacker to load an attacker-controlled DLL into an executable key, leading to the execution of attacker-supplied code under the context of SYSTEM on affected installations,” the company said in a recently published security advisory.
While there are possible limitations (such as disconnecting the system from the wider Internet), Trend Micro says the best course of action is to apply the included patch.
“In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security are up-to-date,” Trend Micro said.
“However, while an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible.”
The vulnerability is fixed in Critical Patch Build 7190, which is also said to have fixed two additional bugs: CVE-2025-69259 and CVE-2025-69260. Both can be exploited by unauthorized attackers.
In mid-June 2025, Trend Micro fixed a handful of critical vulnerabilities, including some in Apex Central. The vulnerabilities were all considered critical or severe, and while there was no evidence of exploitation at the time, Trend Micro encouraged customers to apply the fix without delay.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
