- Trend Micro fixed two critical Apex One path traversal flaws (CVE-2025-71210, CVE-2025-71211, both 9.8/10)
- Exploit requires console access
- SaaS version fixed, local patch Build 14136 released
Trend Micro says it has patched two critical vulnerabilities that could have allowed threat actors to take over vulnerable underlying systems.
In a security advisory, the company said it fixed a path traversal vulnerability in the Trend Micro Apex One management console, which is now tracked as CVE-2025-71210 and received a critical severity score of 9.8/10.
The second bug is similar in nature: a path traversal flaw in the Apex One management console, but since it affects a different executable, it is tracked as CVE-2025-71211. This one also received a critical severity rating of 9.8/10.
Patches and defenses
Apex One is an endpoint security platform for computers, servers, and other enterprise devices, designed to protect them against malware, ransomware, spyware, and other cyber threats. It combines traditional antivirus with modern threat detection technologies, such as machine learning and behavioral analysis, and comes with centralized investigation and management tools.
Defending yourself from possible attacks is relatively easy. As Trend Micro explained in the advisory, to exploit it, an attacker “must have access to the Trend Micro Apex One management console, so customers who have their console’s IP address exposed externally should consider mitigating factors such as source restrictions, if they are not already applied.”
“Although an exploit may require several specific conditions to be met, Trend Micro strongly recommends customers update to the latest versions as soon as possible,” it warned.
The Apex One SaaS version has now been fixed and the company has released the critical patch Build 14136 for on-premises customers. This patch also fixes two additional vulnerabilities in the Windows agent and four in the macOS agent.
At press time, there was no evidence that these flaws had been abused in the wild, and the US CISA has not yet added them to its catalog of known exploited vulnerabilities (KEV).
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds. Be sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp also.
