← back
CVE-2025-54948

CVE-2025-54948

CVSS 9.4 CRITICALEPSS 20.3%● KEVCWE-78
In short

A flaw in Trend Micro Apex One's management console lets someone upload and run malicious code without needing to log in first. This is serious because attackers can take full control of the security system protecting an organization's computers.

Technical detail

CWE-78 (OS Command Injection) in the Apex One on-premise management console allows pre-authenticated remote code execution via unrestricted file upload functionality. The vulnerability enables arbitrary command execution on the affected system without prior authentication, resulting in complete compromise of the security infrastructure.

Summary generated and translated by AI from the official description.
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Affected products
Trend Micro, Inc. · Trend Micro Apex One

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://success.trendmicro.com/en-US/solution/KA-0020652https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54948