Particle.news
Download on the App Store
8 ARTICLES
·
2d ago

Trend Micro Warns of Actively Exploited Apex One Console Flaws

A workaround tool cuts off the Remote Install Agent to block active attacks ahead of full patches in mid-August.

Trend Micro
Trend Micro zero-day exploited
Image
Image

Overview

  • Pre-authentication command injection flaws CVE-2025-54948 and CVE-2025-54987 have been observed in at least one active exploitation attempt against on-premise Apex One consoles.
  • Both vulnerabilities carry a 9.4 CVSS score and enable unauthenticated attackers to execute arbitrary code via the management console.
  • Trend Micro’s mitigation tool fully blocks known exploits but disables the Remote Install Agent function, impacting agent deployments.
  • The Japanese CERT has issued an urgent alert echoing Trend Micro’s warning and urging immediate console access restrictions.
  • Customers are advised to tighten network controls around their consoles and install full patches slated for mid-August to restore disabled functionality.