[German]Brief information for administrators who use the Trend Micro Apex One security solution under Windows. The manufacturer has issued a security notice about a critical vulnerability that probably affects all versions and is also under attack. There is a Fix, and an update is advised for Mid August 2025.
Trend Micro security bulletin
Trend Micro has published the security alert ITW CRITICAL SECURITY BULLETIN: Trend Micro Apex One™ (On-Premise) Management Console Command Injection RCE Vulnerabilities on August 6, 2025 (thanks to the readers for the hints). In Apex One 2019 and Apex One All there are the two vulnerabilities CVE-2025-54948 and CVE-2025-54987, which are classified as critical and allow Remote Code Execution (RCE).
- CVE-2025-54948: Is a Management Console Command Injection RCE vulnerability that is classified as critical with a CVSSv3.1 score of 9.4.
- CVE-2025-54987: Is also a Management Console Command Injection RCE vulnerability, which is also classified as critical with a CVSSv3.1 score of 9.4.
To exploit these vulnerabilities, an attacker must usually have access (physically or remotely) to a vulnerable computer. Customers whose IP address is externally accessible to the console should therefore consider risk mitigation measures. Trend Micro has observed at least one case in which an attempt was made to actively exploit one of these vulnerabilities. The following products for Windows are affected:
- Trend Micro Apex One 2019 (on-prem) till Management Server Version 14039
- Trend Micro Apex One as a Service
- Trend Vision One™ Endpoint und Security – Standard Endpoint
Protection
The FixTool_Aug2025
is available for Trend Micro Apex One (on-premises version) to temporarily close the vulnerabilities. The fix listed in this bulletin is a short-term workaround that, according to Trend Micro, provides full protection against known exploits. However, the fix disables the ability for administrators to use the Remote Install Agent feature to deploy agents via the Trend Micro Apex One Management Console.
A critical patch for the Trend Micro Apex One Management Console is expected to be released in mid-August 2025. Trend Micro will update this article at that time. Trend Micro strongly recommends that customers update to the latest versions as soon as possible.
For Trend Micro Apex One as a Service*, Trend Vision One™ Endpoint and Security – Standard Endpoint Protection, the fix to close the vulnerabilities was implemented on July 31, 2025.
