TrendAI, the new name of Trend Micro’s enterprise business, on Wednesday announced patches for several critical and high-severity vulnerabilities found in the Windows and macOS versions of the Apex One endpoint security solution.
A total of eight vulnerabilities have been addressed, including two with a critical severity rating based on their CVSS scores.
The critical flaws both impact the Trend Micro Apex One management console and “could allow a remote attacker to upload malicious code and execute commands on affected installations”.
These security holes, tracked as CVE-2025-71210 and CVE-2025-71211, are similar in scope, but they impact different executables, the cybersecurity firm noted in its advisory.
The remaining vulnerabilities — all assigned a high severity rating — can be exploited by an attacker who already has access to the targeted system to escalate privileges.
The high-severity issues have been assigned the CVE identifiers CVE-2025-71212 through CVE-2025-71217.
“Exploiting these type of vulnerabilities generally require that an attacker has access (physical or remote) to a vulnerable machine. In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security is up-to-date,” TrendAI explained.
All of the vulnerabilities were reported to TrendAI through the Zero Day Initiative (ZDI). Patches are available for the on-premises versions; users of SaaS versions of Apex One do not need to take any action.
TrendAI is not aware of in-the-wild exploitation, but it’s not uncommon for threat actors to exploit vulnerabilities in Apex products.
CISA’s Known Exploited Vulnerabilities (KEV) catalog currently includes 10 CVEs associated with flaws affecting Apex products.
Attribution information is rarely made public, but some attacks have been linked to Chinese hackers.
Related: Trend Micro Patches Critical Code Execution Flaw in Apex Central
Related: Taiwan Security Firm Confirms Flaw Flagged by CISA Likely Exploited by Chinese APTs
Related: Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption
