Trend Micro Fixes Critical Apex One Console RCE Flaws, Releases Patch for Six More Vulnerabilities

Overview

• Two critical issues (CVE-2025-71210 and CVE-2025-71211) are path traversal bugs in the Apex One management console that can let remote attackers upload code and execute commands.
• Exploitation requires access to the management console, and customers with externally exposed console IPs are urged to enforce source restrictions.
• Eight vulnerabilities were addressed in total, including two Windows agent and four macOS agent privilege-escalation flaws tracked as CVE-2025-71212 through CVE-2025-71217.
• SaaS Apex One environments were updated by the vendor, and on-premises deployments have Critical Patch Build 14136 available now.
• All flaws were reported through the Zero Day Initiative, and Trend Micro says it has seen no in-the-wild exploitation, while CISA currently tracks 10 Apex-related CVEs in its KEV catalog.