Critical Trend Micro Apex One Vulnerabilities Allow Malicious Code Execution

February 27, 2026

Trend Micro has released fixes for multiple Apex One vulnerabilities, ranging from High to Critical severity, including management console issues that can lead to remote code execution (RCE).

The affected CVEs range from CVE-2025-71210 to CVE-2025-71217, with CVSS v3 scores ranging from 7.2 to 9.8.

The February 2026 advisory lists Apex One 2019 (on‑prem) on Windows and Apex One as a Service (Trend Vision One Endpoint – Standard Endpoint Protection) on Windows as affected product lines.

Trend Micro’s remediation guidance points customers to update to the latest available builds, even if earlier patches may have addressed parts of the issue.

Two critical flaws, CVE-2025-71210 and CVE-2025-71211, are described as console directory traversal RCE vulnerabilities (CWE-22) in the Apex One management console.

These issues allow attackers to upload malicious code and execute commands on affected installations.

Trend Micro notes that exploitation requires access to the Apex One Management Console.

The company warns that externally exposed console IP addresses increase the risk and recommends applying source restrictions where they are not already in place.
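To check whether source restrictions are actually holding, the following added example (not from Trend Micro or the original article) audits console access-log lines for clients outside approved management ranges and for request paths that decode to a `..` segment, the CWE-22 pattern. The log layout, the allowed ranges, and the request paths are all assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: management ranges approved to reach the console (placeholders).
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.0.2.10/32")]

# Constructed sample in a simplified "client_ip method uri status" layout.
# This is not the console's real log format, and the paths are placeholders.
SAMPLE_LOG = """\
10.20.0.15 GET /console/placeholder/index 200
203.0.113.77 GET /console/placeholder/index 200
10.20.0.15 POST /console/placeholder/upload?name=report.csv 200
10.20.0.99 POST /console/placeholder/upload?name=..%2f..%2fweb%2fx.bin 200
198.51.100.4 POST /console/placeholder/upload?name=%252e%252e%255cx.bin 200
malformed entry
"""

def source_allowed(ip_text):
    """True when the client address falls inside an approved management range."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparseable source is treated as not allowed
    return any(ip in net for net in ALLOWED_SOURCES)

def has_traversal(uri, max_rounds=3):
    """True when the URI, after repeated percent-decoding, holds a '..' segment."""
    for _ in range(max_rounds):  # repeated decoding catches double-encoded input
        uri = unquote(uri)
    # Split on both slash styles and on query delimiters so parameter values count.
    return ".." in re.split(r"[/\\?=&]", uri)

def audit(log_text):
    """Return findings as (line_no, client_ip, reasons) tuples."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), start=1):
        parts = line.split()
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed layout
        ip, _method, uri, _status = parts
        reasons = [label for hit, label in (
            (not source_allowed(ip), "source outside allowed ranges"),
            (has_traversal(uri), "path traversal sequence")) if hit]
        if reasons:
            findings.append((line_no, ip, reasons))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_LOG))
```

A traversal finding from an allowed source, as on sample line 4, still warrants review, since the advisory's condition for exploitation is console access rather than an external origin.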

The advisory also details local privilege escalation (LPE) issues affecting Windows components, including link following (CWE-59) and origin validation errors (CWE-346).

| CVE | Type | CVSS | Platform | Key Note |
|---|---|---|---|---|
| CVE-2025-71210 | Console dir traversal RCE | 9.8 | Windows | Console access required; SaaS mitigated |
| CVE-2025-71211 | Console dir traversal RCE | 9.8 | Windows | Similar to 71210 |
| CVE-2025-71212 | Link following LPE | 7.8 | Windows | Low-privileged code execution required |
| CVE-2025-71213 | Origin validation LPE | 7.8 | Windows | Low-privileged code execution required |
| CVE-2025-71214 | Origin validation LPE | 7.2 | Mac | Informational; previously fixed |
| CVE-2025-71215 | TOCTOU LPE | 7.8 | Mac | Informational; previously fixed |
| CVE-2025-71216 | TOCTOU LPE | 7.8 | Mac | Informational; previously fixed |
| CVE-2025-71217 | Origin validation LPE | 7.8 | Mac | Informational; previously fixed |

The local privilege escalation vulnerabilities require an attacker to already have the ability to execute low-privileged code on the target endpoint.

For macOS agents, Trend Micro provides CVE references as informational, stating these were addressed earlier via ActiveUpdate/SaaS updates in mid to late 2025.
