Forwarded from National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202603-00000002
[Content Description]
Researchers have discovered path traversal vulnerabilities (CVE-2025-71210 and CVE-2025-71211) in the Trend Micro Apex One management console. If the management console service of the affected product is accessible, an unauthenticated remote attacker could exploit these vulnerabilities to upload malicious files and execute arbitrary code. Please confirm whether you are affected and patch as soon as possible.
[Affected Platforms]
Trend Micro Apex One 2019 (On-prem) version
[Recommended Actions]
An official update that fixes the vulnerabilities has been released. Please follow the official instructions to apply it: https://success.trendmicro.com/en-US/solution/KA-0022458
[References]
1. https://www.zerodayinitiative.com/advisories/ZDI-26-136/
2. https://www.zerodayinitiative.com/advisories/ZDI-26-137/
3. https://success.trendmicro.com/en-US/solution/KA-0022458