A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
Published: 2025-08-06
Trend Micro releases a temporary mitigation tool to reduce exposure to two unpatched zero-day command injection vulnerabilities which have been exploited.
Published: 2025-08-05
Updated: 2025-08-05
Base Score: 9.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:C
Severity: High
Base Score: 9.4
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Severity: Critical
EPSS: 0.00213
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Interest