Trend Micro has released critical patches for its Apex One endpoint security platform to address two severe path traversal vulnerabilities, CVE-2025-71210 and CVE-2025-71211. These flaws allow unauthenticated attackers with access to the management console to execute malicious code and achieve remote code execution (RCE) on Windows systems.
While these specific vulnerabilities have not yet been observed in the wild, the Apex One platform is a frequent target for threat actors. Trend Micro urges organizations to update to SaaS versions or Critical Patch Build 14136 immediately, particularly if their management consoles are exposed to the internet, to mitigate the risk of exploitation.
Top comments (0)