Trend Micro tells users to patch immediately to protect from Apex One zero-day

• Trend Micro warns its customers about a critical-severity flaw in its endpoint protection solution
• It released a mitigation as it works on a patch
• Users are advised to apply the mitigations as soon as possible

Trend Micro is warning customers of an ongoing attack which abuses a critical severity vulnerability in one of its products.

The company said it recently discovered a command injection vulnerability in its on-prem version of the Apex One Management Console - an advanced endpoint security solution designed to protect enterprise networks from a wide range of threats.

The vulnerability is tracked as either CVE-2025-54948, or CVE-2025-54987, depending on the CPU architecture, and was assigned a severity score of 9.4/10 (critical). It allows threat actors to remotely run arbitrary code, including malware.