As the security landscape continues to evolve, organizations using Trend Micro’s Apex One solution are facing critical vulnerabilities that require immediate attention. The company has issued a security bulletin highlighting two severe command injection RCE (Remote Code Execution) vulnerabilities in their management console software, which could potentially allow attackers unauthorized access and control over affected systems. These flaws have been assigned the Common Vulnerabilities and Exposures (CVE) identifiers CVE-2025-54948 and CVE-2025-54987, both rated with a CVSSv3.1 score of 9.4, indicating critical severity.
The affected products include Trend Micro Apex One 2019 and the as-a-service versions. The issue arises due to improper validation or sanitization of input within the management console, leading to command injection vulnerabilities that could be exploited by attackers with physical or remote access to vulnerable machines. This is particularly concerning for customers whose IP addresses are externally accessible, making them a prime target for potential exploitation.
Trend Micro has released an interim fix, FixTool_Aug2025, designed to mitigate these risks immediately but at the cost of deactivating certain functionalities such as the Remote Install Agent function used by administrators. A permanent patch is expected in mid-August 2025 and customers are advised to update their systems to the latest versions as soon as possible to protect against known exploits.
It’s important for organizations to stay informed about these vulnerabilities and take proactive steps to secure their environments, such as restricting external access to management consoles or implementing additional security measures. The company also provides resources like security bulletins and updates through its support channels to help customers manage and mitigate risks effectively.
Keeping Your Organization Safe Amidst Cybersecurity Challenges
SecurityWeek reports on the latest developments in cybersecurity, including critical vulnerabilities affecting enterprise solutions like Trend Micro Apex One. Their articles provide detailed analyses of how these vulnerabilities could impact businesses and offer insights into best practices for mitigation strategies.
Similar questions
What are CVE identifiers?
Why are these vulnerabilities rated as critical severity?
How can attackers exploit the command injection RCE flaws?
Which products are affected by these vulnerabilities?
What is the CVSSv3.1 score and why does it matter here?
What does Trend Micro’s FixTool_Aug2025 do exactly?
Why would deactivating functionalities like Remote Install Agent be necessary?
When is the permanent patch expected to be released?
How can organizations protect themselves from these vulnerabilities in the meantime?
Where can customers find additional security resources and updates from Trend Micro?