Trendmicro Apex One vulnerabilities

CVE-2025-54948 [CRITICAL] CWE-78 CVE-2025-54948: A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authentica A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

CVE-2025-54987 [CRITICAL] CVE-2025-54987: A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authentica A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.

CVE-2025-49156 [HIGH] CWE-269 CVE-2025-49156: A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2025-49155 [HIGH] CWE-427 CVE-2025-49155: An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module co An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations.

CVE-2025-49157 [HIGH] CWE-269 CVE-2025-49157: A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2025-49158 [HIGH] CWE-427 CVE-2025-49158: An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a l An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2025-49154 [HIGH] CWE-284 CVE-2025-49154: An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an attacker must first obtain the ability to execute low-privil

CVE-2024-58104 [HIGH] CWE-269 CVE-2024-58104: A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could all A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-58105 [HIGH] CVE-2024-58105: A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could all A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE address an addtional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on t

CVE-2024-55917 [HIGH] CWE-346 CVE-2024-55917: An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to esc An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-52050 [HIGH] CWE-59 CVE-2024-52050: A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attack A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-55632 [HIGH] CWE-269 CVE-2024-55632: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-55631 [HIGH] CWE-269 CVE-2024-55631: An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escal An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-52047 [HIGH] CWE-552 CVE-2024-52047: A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-52048 [HIGH] CWE-266 CVE-2024-52048: A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to esc A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulne

CVE-2024-52049 [HIGH] CVE-2024-52049: A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to esc A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability

CVE-2024-39753 [HIGH] CWE-89 CVE-2024-39753: An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to exec An modOSCE SQL Injection vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-36302 [HIGH] CWE-346 CVE-2024-36302: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not ident

CVE-2024-36304 [HIGH] CWE-367 CVE-2024-36304: A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agen A Time-of-Check Time-Of-Use vulnerability in the Trend Micro Apex One and Apex One as a Service agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2024-36303 [HIGH] CVE-2024-36303: An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local at An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to,