Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.8
CVE-2025-71211: Trend Micro Apex One Management Console Malicious Code Upload Risk
CVE-2025-71211
Summary
A vulnerability in the Trend Micro Apex One management console could allow a malicious attacker to upload and run code on affected installations. This is a concern for customers who expose their console's IP address externally. Fortunately, SaaS versions are already protected and no action is required, but customers should consider applying additional security restrictions to their console.
Original title
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar i...
Original description
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console�s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required.
For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console�s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
nvd CVSS3.1
9.8
Vulnerability type
CWE-22
Path Traversal
Published: 21 May 2026 · Updated: 27 May 2026 · First seen: 21 May 2026