- Trend Micro fixed two critical Apex One path traversal vulnerabilities (CVE-2025-71210, CVE-2025-71211, both 9.8/10)
- Exploitation requires console access
- Fixed SaaS version, on-premises patch Build 14136 released
Trend Micro claims to have fixed two critical vulnerabilities that could have allowed malicious actors to take over vulnerable underlying systems.
In a security advisory, the company said it fixed a path traversal vulnerability in the Trend Micro Apex One management console, which is now tracked as CVE-2025-71210 and received a critical severity score of 9.8/10.
The second bug is similar in nature – a path traversal flaw in the Apex One management console, but since it affects a different executable, it is tracked as CVE-2025-71211. This one also received a critical severity rating of 9.8/10.
Patches and defenses
Apex One is an endpoint security platform for computers, servers and other business devices, designed to protect against malware, ransomware, spyware and other cyber threats. It combines traditional antivirus with modern threat detection technologies such as machine learning and behavioral analytics and comes with centralized management and investigation tools.
Defending yourself against potential attacks is relatively easy. As Trend Micro explains in the advisory, to exploit it, an attacker “must have access to the Trend Micro Apex One management console, so customers who have their console IP address externally exposed should consider mitigating factors such as source restrictions if they are not already enforced.”
“Even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages its customers to update to the latest versions as soon as possible,” it warns.
The Apex One SaaS version has already been patched and the company has released Critical Patch Build 14136 for on-premises customers. This patch also addresses two additional vulnerabilities in Windows Agent and four in macOS Agent.
At press time, there was no evidence that these flaws had been exploited in the wild, and the US CISA has not yet added them to its catalog of known exploited vulnerabilities (KEV).
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
