A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:HTrendmicro Apex One
APPTrendmicro2019
Related vulnerabilities
Command injection w Trend Micro Apex One – RCE bez uwierzytelnienia
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attac...
Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote a...
A path traversal vulnerability in the Trend Micro Apex One and Apex One as a Service could allow an unauthenti...
An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an ...