What is Trend Micro Apex Central vulnerability CVE-2025-69258?

CVE-2025-69258 is a critical vulnerability in Trend Micro Apex Central allowing remote attackers to execute arbitrary code without interaction.

How can I fix the Trend Micro Apex Central security flaw?

Apply Critical Patch Build 7190 released by Trend Micro immediately. Review remote access and perimeter security policies.

Was Trend Micro Apex Central exploited before the patch?

There was no evidence of abuse for these specific vulnerabilities at the time of the patch release.

Home / Technology / Trend Micro Patches Critical Apex Central Vulnerability

Trend Micro Patches Critical Apex Central Vulnerability

12 Jan

•

Summary

Critical vulnerability CVE-2025-69258 in Apex Central allowed remote code execution.
The bug required no victim interaction for exploitation by threat actors.
Trend Micro urges immediate patching, with Critical Patch Build 7190 providing fixes.

Trend Micro Patches Critical Apex Central Vulnerability

Trend Micro has issued a critical patch for its Apex Central (on-premise) management platform, addressing a severe vulnerability identified as CVE-2025-69258. This flaw permitted unauthenticated remote attackers to inject malicious DLLs and execute arbitrary code with SYSTEM privileges on affected installations. The vulnerability was given a critical severity score of 9.8 out of 10, highlighting the significant risk it posed to enterprise security.

The company strongly encourages all customers to apply Critical Patch Build 7190 as soon as possible. This update not only fixes the primary vulnerability but also resolves two additional flaws, CVE-2025-69259 and CVE-2025-69260, which could also be exploited by unauthenticated attackers. Trend Micro emphasizes that while temporary safeguards like system isolation can be employed, they are not a substitute for the permanent fix provided by the patch.