Trend Micro Apex One Zero-Day Vulnerabilities CVE-2025-54948 & CVE-2025-54987 Exploited

Two critical vulnerabilities in Trend Micro Apex One (on-prem) devices, tracked as CVE-2025-54948 and CVE-2025-54987, are being actively exploited by threat actors. Both vulnerabilities have a CVSS score of 9.4, indicating a high severity level, and may allow attackers to achieve remote code execution.


Trend Micro has reported at least one instance of these vulnerabilities being exploited in the wild. Apex One is an endpoint security solution that provides features like virtual patching, threat detection, URL filtering, and data encryption for enterprises.


Vulnerability Details

CVE-2025-54948: This vulnerability in the management console allows a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
CVE-2025-54987: Similar to CVE-2025-54948, this vulnerability also enables command injection but targets a different CPU architecture.
Both vulnerabilities require the attacker to have physical or remote access to a vulnerable machine.