Trend Micro has rolled out mitigations and plans a full patch by mid-August for critical flaws in multiple Apex One versions. These vulnerabilities permit command injection and remote code execution via the Management Console. Exploits have already surfaced, raising alarms about potential active attacks.
The two high-severity bugs, tracked as CVE-2025-54948 and CVE-2025-54987, each carry a CVSS score of 9.4. Both impact on-premises Apex One Management Console installations. Trend Micro provided a temporary remediation tool to help organizations protect their systems immediately.
Organizations still using vulnerable versions should deploy the mitigation tool without delay. The tool disables the use of the Remote Install Agent function in the Management Console. However, alternative deployment methods—including UNC path or agent package delivery—remain functional.
These vulnerabilities represent a serious risk for enterprises managing endpoint security with Apex One. Attackers could exploit this weakness to execute unauthorized code and gain control over critical infrastructure. The timely patch release highlights the importance of maintaining proactive risk management and compliance practices.
This incident underscores that established security solutions are not immune to threats themselves. It reinforces the critical need for integrated vulnerability management, proactive detection, and GRC frameworks focused on cybersecurity resilience. Organizations are strongly advised to act now to avoid compromise.



