Jacky Hsieh

**Name of the Vulnerable Software and Affected Versions** Trend Micro Apex One (on-premise) (affected versions not specified) **Description** A vulnerability exists in the Trend Micro Apex One (on-premise) management console that could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This issue is actively exploited in the wild. The vulnerability is related to command injection within the Management Console. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Trend Micro Apex One (affected versions not specified) **Description** A vulnerability exists in the Trend Micro Apex One management console that stems from a lack of proper validation of user-supplied strings before they are used to execute system calls. Exploitation may allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar to CVE-2025-54948 but targets a different CPU architecture. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.