Trend Micro Apex One Zero-Day Vulnerability Enables Attackers to Inject Malicious Code

Trend Micro has issued an urgent security bulletin addressing five critical vulnerabilities in its Apex One endpoint security platform that could allow attackers to execute arbitrary code and escalate privileges on affected systems.

The vulnerabilities, assigned CVE identifiers CVE-2025-49154 through CVE-2025-49158, were disclosed on June 9, 2025, with CVSS scores ranging from 6.7 to 8.8, indicating medium to high severity ratings.

The security flaws affect both Apex One 2019 (On-premises) and Apex One as a Service installations running on Windows platforms.

Given my work in cybersecurity news and vulnerability analysis1516, this represents a significant security update that organizations using Trend Micro’s enterprise security solutions must address immediately.

Critical Vulnerabilities Identified

The most severe vulnerability, CVE-2025-49154, carries a CVSS score of 8.7 and involves improper access control mechanisms.

This flaw allows local attackers to overwrite key memory-mapped files, potentially compromising system security and stability.

The vulnerability exists ...