InfoSecBulletin Cybersecurity for mankind
Trend Micro fixed two serious vulnerabilities in Apex One that let attackers execute remote code on affected Windows systems. Apex One is an endpoint security platform that identifies and addresses security threats like malware, spyware, and vulnerabilities.
The first critical Apex One security flaw patched this week (CVE-2025-71210) is due to a path traversal weakness in the Trend Micro Apex One management console, allowing attackers without privileges to execute malicious code on unpatched systems.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CVE-2025-71211 is another path traversal vulnerability in the Apex One management console, similar to CVE-2025-71210 but impacting a different executable.
As Trend Micro explained in a Tuesday security advisory, successful exploitation requires attackers to “have access to the Trend Micro Apex One Management Console, so customers that have their console’s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.”
“Even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible,” it warned.
Trend Micro has released Critical Patch Build 14136 to fix important vulnerabilities in SaaS Apex One, including two severe privilege escalation issues in the Windows agent and four in the macOS agent.
While Trend Micro has not flagged these vulnerabilities as exploited in the wild, threat actors have abused other Apex One in attacks over the last several years.
For instance, Trend Micro warned customers to patch an actively exploited Apex One RCE vulnerability (CVE-2025-54948) in August 2025, and addressed two other Apex One zero-days exploited in the wild in September 2022 (CVE-2022-40139) and in September 2023 (CVE-2023-41179).
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) currently track 10 Trend Micro Apex vulnerabilities that have either been or are still being exploited in the wild.
