AI description
CVE-2025-54948 is a command injection vulnerability that affects the on-premise version of Trend Micro Apex One. It exists within the Apex One management console, which listens on TCP ports 8080 and 4343 by default. The vulnerability stems from the lack of proper validation of a user-supplied string before using it to execute a system call. A pre-authenticated remote attacker could exploit this vulnerability to upload malicious code and execute commands on affected installations. This could allow an attacker to execute code in the context of IUSR. Trend Micro has observed attempts to actively exploit this vulnerability in the wild. A temporary fix is available, and a formal patch is expected in mid-August 2025.
- Description
- A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
- Source
- security@trendmicro.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.4
- Impact score
- 5.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
- Severity
- CRITICAL
- security@trendmicro.com
- CWE-78
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
14
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems. The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), both rated 9.4 on the CVSS scoring system. https://t.co/nXPKboPPQN https://t.co/2Wdb4p9uXw
@riskigy
7 Aug 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/I2LOfBi6At https://t.co/bpAnK9YgWY
@Trej0Jass
7 Aug 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/L8VWCtSPF1 https://t.co/9uyzoSvlRq
@Art_Capella
7 Aug 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro 製品の脆弱性対策について(CVE-2025-54948等) | 情報セキュリティ | IPA 独立行政法人 情報処理推進機構 https://t.co/c5aH2TYvCZ
@fyi787
7 Aug 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro 製品の脆弱性対策について(CVE-2025-54948等) https://t.co/kAyrBwg1st
@ICATalerts
7 Aug 2025
4289 Impressions
17 Retweets
9 Likes
1 Bookmark
0 Replies
2 Quotes
IPA 重要 | Trend Micro 製品の脆弱性対策について(CVE-2025-54948等) https://t.co/e5RHnISa4J #itsec_jp
@itsec_jp
7 Aug 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/Oo7QWbYsk4 https://t.co/df0CeqJ6JP
@pcasano
7 Aug 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💡マイクロソフト、マルウェアの自動分類にAIツールを活用する「Project Ire」を発表 🚨Trend Micro Apex Oneの脆弱性が悪用される(CVE-2025-54948、CVE-2025-54987) 〜サイバーアラート8月7日〜 https://t.co/BXtTOnAeph #セキ
@MachinaRecord
7 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Breaking: Hackers exploit zero-day flaws in Trend Micro Apex One (CVE-2025-54948 & CVE-2025-54987), possibly linked to Chinese threat actors. If you use this endpoint security tool, patch NOW to avoid command injection attacks! #CyberSecurity #ZeroDay https://t.co/mCSDxQ
@SecurityHelpAi
6 Aug 2025
69 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#TrendMicro ha publicado mitigaciones para abordar fallas de seguridad críticas en las versiones locales de Apex One Management Console que, según afirma, han sido explotadas de forma activa. CVE-2025-54948 y CVE-2025-54987 #2025 #Infosed #BT https://t.co/fQIGFZKCrb
@BrierandThornMX
6 Aug 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en los productos de Trend Micro ❗CVE-2025-54948 ❗CVE-2025-54987 ➡️Más info: https://t.co/sbe92Qtr3Z https://t.co/qYsEv59nWt
@CERTpy
6 Aug 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Apex One : l'éditeur confirme de multiples exploitations des CVE-2025-54948 et CVE-2025-54987 (CVSS 9.4) qui permettent à un attaquant pré-authentifié de téléverser et d'exécuter du code arbitraire à distance. Un contournement est à appliquer. https://t.co/5A
@cert_ist
6 Aug 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro warns of Apex One zero-day exploited in attacks Trend Micro has warned of an actively exploited remote code execution vulnerability in its Apex One endpoint security platform, tracked as CVE-2025-54948 and CVE-2025-54987. The flaw stems from a command injection issue
@dCypherIO
6 Aug 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) https://t.co/vQySu93kfQ #HelpNetSecurity #Cybersecurity https://t.co/lN5OEm9T4d
@PoseidonTPA
6 Aug 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro confirms active exploitation of critical Apex One flaws CVE-2025-54948 and CVE-2025-54987 in on-premise systems. Mitigations are available now; full patch expected mid-August 2025. #Vulnerability #SecurityJapan #ThreatIntel https://t.co/oCvsOuXwNM
@TweetThreatNews
6 Aug 2025
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro warns of active exploitation of a zero-day in Apex One (CVE-2025-54948/54987) via command injection in the Management Console. Immediate mitigation is available before patches in mid-August 2025. #ApexOne #ZeroDay #Australia https://t.co/dHDQO26Jet
@TweetThreatNews
6 Aug 2025
123 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. https://t.co/l34rnp3bC3
@Hackerslord_24
6 Aug 2025
97 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#TrendMicro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) https://t.co/7ep6Pknmzi https://t.co/FsemCRuP9M
@evanderburg
6 Aug 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. what you need to know https://t.co/wAFjWO
@Emmythetechs
6 Aug 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أعلنت شركة Trend Micro عن استغلال نشط لثغرات حرجة في أنظمة Apex One المحلية. أصدرت الشركة تدابير تصحيحية للثغرات (CVE-2025-54948 وCVE-2025-54987) التي تم تصنيفها بـ 9.4 على نظا
@Cybercachear
6 Aug 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. Here’s what you need to know ↓ http
@TheHackersNews
6 Aug 2025
12567 Impressions
37 Retweets
81 Likes
14 Bookmarks
1 Reply
2 Quotes
JPCERT/CCが悪用を確認した脆弱性 #KEV を注意喚起しました。 🛡️CVE-2025-54948 管理コンソールに対するコマンドインジェクションによるリモートコード実行の脆弱性 ============= CVSSスコア:9.4 (Base) / Trend Micro CVSSv
@piyokango
6 Aug 2025
4635 Impressions
2 Retweets
13 Likes
2 Bookmarks
0 Replies
0 Quotes
【ApexOneの緊急脆弱性、攻撃で悪用済】 Apex Oneで確認された管理コンソールに対するコマンドインジェクションによるリモートコード実行の脆弱性(CVE-2025-54948, CVE-2025-54987) → https://t.co/P8Yqo7w7Hw > 注意:トレ
@ripjyr
6 Aug 2025
371 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-54948 & CVE-2025-54987: Trend Micro Apex One, Management Console Command Injection RCE Vulnerability (pre-authenticated). "Trend Micro has observed as least one instance of an attempt to actively exploit one of these vulnerabilities in the wild." [+] https:/
@1ZRR4H
5 Aug 2025
3074 Impressions
12 Retweets
26 Likes
12 Bookmarks
0 Replies
0 Quotes
CVE-2025-54948 A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands … https://t.co/rxBNRRkQzJ
@CVEnew
5 Aug 2025
100 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploited in the wild: 🟥 CVE-2025-54948 and CVE-2025-54987, CVSS: 9.4 (#Critical) Trend Micro Apex One (on-premise) version 2019 Management Server. Vulnerabilities allow pre-authenticated remote attackers to upload malicious code and execute commands. FixTool_Aug2025 htt
@UjlakiMarci
5 Aug 2025
327 Impressions
1 Retweet
3 Likes
0 Bookmarks
1 Reply
0 Quotes
[CVE-2025-54948: CRITICAL] Critical vulnerability in Trend Micro Apex One enables remote attackers to upload and execute malicious code on affected systems. Ensure security patches are up to date.#cve,CVE-2025-54948,#cybersecurity https://t.co/9CywcR43Cs https://t.co/iXd327f25v
@CveFindCom
5 Aug 2025
77 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes