PT-2025-31926 · Trend Micro · Trend Micro Apex One

Jacky Hsieh

Published

2025-08-05

Updated

2025-08-06

CVE-2025-54987

Report an issue

CVSS v3.1

9.4

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

Name of the Vulnerable Software and Affected Versions:

Trend Micro Apex One (affected versions not specified)

Description:

A vulnerability in the Trend Micro Apex One management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This issue is similar to another vulnerability but targets a different CPU architecture.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

OS Command Injection

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2025-54987

ZDI-25-772

Affected Products

Trend Micro Apex One

PT-2025-31926 · Trend Micro · Trend Micro Apex One

Weakness Enumeration

Related Identifiers

Affected Products

References · 17