Trend Micro warns of critical Apex One code execution flaws
Bleeping Computer
by Sergiu GatlanFebruary 26, 2026
AI-Generated Deep Dive Summary
Trend Micro has addressed two critical vulnerabilities in its Apex One endpoint security platform, both of which could allow attackers to execute malicious code remotely on Windows systems. These flaws, tracked as CVE-2025-71210 and CVE-2025-71211, stem from path traversal weaknesses in the Trend Micro Apex One Management Console. While exploitation requires access to the console, Trend Micro strongly advises users to update to the latest version immediately due to the severity of these flaws.
The vulnerabilities affect different executables within the management console, and while specific conditions must be met for exploitation, they remain a significant risk. These issues highlight the importance of securing exposed systems and implementing restrictions on console access. Trend Micro has released Critical Patch Build 14136, which not only addresses these RCE flaws but also fixes two high-severity privilege escalation issues in the Windows agent and four additional vulnerabilities impacting the macOS agent.
This latest update underscores a concerning trend: Trend Micro has previously identified multiple actively exploited Apex One vulnerabilities, including CVE-2025-54948 in August 2023 and others in September 2022 and September 2023. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) currently tracks over 10 Trend Micro Apex vulnerabilities that have been exploited in the wild, emphasizing
Verticals
securitytech
Originally published on Bleeping Computer on 2/26/2026