CVE-2025-54948: Trend Micro Apex One OS Command Injection Vulnerability.
Trend Micro Apex One OS Command Injection Vulnerability. Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
- CISA KEV-listed (remediation due 2025-09-08)
- EPSS 13.9% (94.5% percentile)