Apex One
CVE-2025-54948
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
Lifecycle Timeline
4DescriptionCVE.org
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
AnalysisAI
Trend Micro Apex One on-premise management console allows pre-authenticated remote attackers to upload malicious code and execute commands, enabling complete server compromise.
Technical ContextAI
The CWE-78 OS command injection through the management console allows pre-authenticated attackers to upload malicious payloads and execute OS commands on the Apex One server.
RemediationAI
Apply Trend Micro patches. Restrict management console access. Monitor for unauthorized policy changes across managed endpoints.
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenticated atta
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker t
A vulnerability in Trend Micro Apex One and Trend Micro Apex One as a Service could allow an attacker to bypass the prod
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upl
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerabl
A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (11.0, XG) and Worry-Free Business Security (9.5
A file upload vulnerability in exists in Trend Micro Apex One server build 11110. Rated critical severity (CVSS 9.1), th
A forced browsing vulnerability in Trend Micro Apex One could allow an attacker with access to the Apex One console on a
CVE-2025-49155 is an uncontrolled search path vulnerability in Trend Micro Apex One's Data Loss Prevention (DLP) module
A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary c
An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1
Same weakness CWE-78 – OS Command Injection
View allSame technique Command Injection
View allShare
External POC / Exploit Code
Leaving vuln.today