CVE-2025-54948

Critical KEV CVSS: 9.4

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

Vendor

Trendmicro

Product

Apex One

CWE

CWE-78

Yayın Tarihi

2025-08-05 13:15:28

Güncelleme

2025-10-31 14:42:24

Source Identifier

security@trendmicro.com

KEV Date Added

2025-08-18

Kategoriler

CWE-78 Apex One CRITICAL Trendmicro 2025

Referanslar

https://success.trendmicro.com/en-US/solution/KA-0020652 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54948

Benzer Kayıtlar

High

CVE-2025-69259

A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create…

High

CVE-2025-69260

A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-…

Critical

CVE-2025-69258

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an atta…

Critical

CVE-2025-54987

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker…

High

CVE-2025-53378

A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services (WFBSS) agent could have all…

High

CVE-2025-53503

Trend Micro Cleaner One Pro is vulnerable to a Privilege Escalation vulnerability that could allow a local attacker to u…