AI description
CVE-2025-54987 is a command injection vulnerability affecting the on-premise version of Trend Micro Apex One. It exists within the Apex One management console and could allow a pre-authenticated, remote attacker to upload malicious code and execute commands on affected installations. The vulnerability arises from the lack of proper validation of a user-supplied string before using it to execute a system call. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. An attacker must have access to the Trend Micro Apex One Management Console to leverage this vulnerability. Trend Micro has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild.
- Description
- A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.
- Source
- security@trendmicro.com
- NVD status
- Analyzed
- Products
- apex_one
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@trendmicro.com
- CWE-78
- Hype score
- Not currently trending
Trend Micro Apex One の脆弱性(CVSS3.0スコア9.4緊急)。先週?だったかIPAもメールで緊急パッチの注意喚起してましたが、8/18に正式パッチリリースされてますね。お仕事早くて良いですね。オンプレ版Apexone お使い
@ymgcakr_
20 Aug 2025
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Trend Microが悪用を観測したと報告し、CISAが既知の脆弱性カタログに登録しました。 CVE-2025-54948、CVE-2025-54987 対象製品: Trend Micro Apex One 管理コンソールのコマンドインジェクション脆弱性。未認証のリモート攻
@t_nihonmatsu
19 Aug 2025
244 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
トレンドマイクロ株式会社 【注意喚起】弊社エンドポイント製品の脆弱性を悪用した攻撃を確認したことによる対応のお願い(CVE-2025-54948,CVE-2025-54987) https://t.co/88amcizZUC
@tarenyanco_10
18 Aug 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
(CVE-2025-54948、CVE-2025-54987)の対応パッチがリリースされた模様。 https://t.co/Is2s0DkslC
@MrGensui56
18 Aug 2025
119 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
トレンドマイクロ Apex Oneで複数の脆弱性-サイバー攻撃への悪用を確認(CVE-2025-54948,CVE-2025-54987) #セキュリティ対策Lab #セキュリティ #Security https://t.co/aIBreX26Uf
@securityLab_jp
12 Aug 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/oXgLWcjQlZ https://t.co/sjHN44YYJR
@IT_Peurico
12 Aug 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/ApNjRwV7f5 https://t.co/pBdLfXs6jB
@ggrubamn
12 Aug 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/rM4qLCZcG2 https://t.co/MarVUtm2d7
@dansantanna
12 Aug 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-54987 y CVE-2025-54948 vulnerabilidades de inyección de comandos que afectan a la consola de administración de Trend Micro Apex One. Un atacante no autenticado con acceso físico o de red a un equipo vulnerable puede cargar archivos arbitrarios https://t.co/GN60g
@ciberseguridadx
11 Aug 2025
50 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Flaws in Trend Micro Apex One Exploited in the Wild! Two high-severity RCE vulns (CVE-2025-54948 & CVE-2025-54987) under active attack. Patches coming mid-August—apply mitigations now! #TrendMicro #CyberAttack https://t.co/WmTIWGshQL
@CyberWolfGuard
10 Aug 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987 (CVSS:9.4, CRITICAL) is Awaiting Analysis. A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker ..https://t.co/Qg2ALiJU4b #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
10 Aug 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/EPhSh7pecS https://t.co/oK58vMKObJ
@TechMash365
9 Aug 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨🚨Two critical flaws in Trend Micro Apex One (on-prem) management console. Remote attackers can exploit pre-auth RCE, upload malicious code, and take full control. CVE-2025-54948: Hits one CPU arch hard. CVE-2025-54987: Basically the evil twin for a different CPU setup. htt
@zoomeye_team
8 Aug 2025
947 Impressions
3 Retweets
8 Likes
2 Bookmarks
0 Replies
0 Quotes
Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems. The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), both rated 9.4 on the CVSS scoring system. https://t.co/nXPKboPPQN https://t.co/2Wdb4p9uXw
@riskigy
7 Aug 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/I2LOfBi6At https://t.co/bpAnK9YgWY
@Trej0Jass
7 Aug 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/L8VWCtSPF1 https://t.co/9uyzoSvlRq
@Art_Capella
7 Aug 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild https://t.co/Oo7QWbYsk4 https://t.co/df0CeqJ6JP
@pcasano
7 Aug 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💡マイクロソフト、マルウェアの自動分類にAIツールを活用する「Project Ire」を発表 🚨Trend Micro Apex Oneの脆弱性が悪用される(CVE-2025-54948、CVE-2025-54987) 〜サイバーアラート8月7日〜 https://t.co/BXtTOnAeph #セキ
@MachinaRecord
7 Aug 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Breaking: Hackers exploit zero-day flaws in Trend Micro Apex One (CVE-2025-54948 & CVE-2025-54987), possibly linked to Chinese threat actors. If you use this endpoint security tool, patch NOW to avoid command injection attacks! #CyberSecurity #ZeroDay https://t.co/mCSDxQ
@SecurityHelpAi
6 Aug 2025
69 Impressions
2 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#TrendMicro ha publicado mitigaciones para abordar fallas de seguridad críticas en las versiones locales de Apex One Management Console que, según afirma, han sido explotadas de forma activa. CVE-2025-54948 y CVE-2025-54987 #2025 #Infosed #BT https://t.co/fQIGFZKCrb
@BrierandThornMX
6 Aug 2025
41 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades en los productos de Trend Micro ❗CVE-2025-54948 ❗CVE-2025-54987 ➡️Más info: https://t.co/sbe92Qtr3Z https://t.co/qYsEv59nWt
@CERTpy
6 Aug 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Apex One : l'éditeur confirme de multiples exploitations des CVE-2025-54948 et CVE-2025-54987 (CVSS 9.4) qui permettent à un attaquant pré-authentifié de téléverser et d'exécuter du code arbitraire à distance. Un contournement est à appliquer. https://t.co/5A
@cert_ist
6 Aug 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro warns of Apex One zero-day exploited in attacks Trend Micro has warned of an actively exploited remote code execution vulnerability in its Apex One endpoint security platform, tracked as CVE-2025-54948 and CVE-2025-54987. The flaw stems from a command injection issue
@dCypherIO
6 Aug 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) https://t.co/vQySu93kfQ #HelpNetSecurity #Cybersecurity https://t.co/lN5OEm9T4d
@PoseidonTPA
6 Aug 2025
81 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro confirms active exploitation of critical Apex One flaws CVE-2025-54948 and CVE-2025-54987 in on-premise systems. Mitigations are available now; full patch expected mid-August 2025. #Vulnerability #SecurityJapan #ThreatIntel https://t.co/oCvsOuXwNM
@TweetThreatNews
6 Aug 2025
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. https://t.co/l34rnp3bC3
@Hackerslord_24
6 Aug 2025
97 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#TrendMicro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987) https://t.co/7ep6Pknmzi https://t.co/FsemCRuP9M
@evanderburg
6 Aug 2025
91 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. what you need to know https://t.co/wAFjWO
@Emmythetechs
6 Aug 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 أعلنت شركة Trend Micro عن استغلال نشط لثغرات حرجة في أنظمة Apex One المحلية. أصدرت الشركة تدابير تصحيحية للثغرات (CVE-2025-54948 وCVE-2025-54987) التي تم تصنيفها بـ 9.4 على نظا
@Cybercachear
6 Aug 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro flaw (CVE-2025-54948 and CVE-2025-54987) lets attackers run code before login. Two critical bugs (CVSS 9.4) are being exploited right now in Apex One on-prem. Admins, patch fast — remote code execution is on the table. Here’s what you need to know ↓ http
@TheHackersNews
6 Aug 2025
12567 Impressions
37 Retweets
81 Likes
14 Bookmarks
1 Reply
2 Quotes
【ApexOneの緊急脆弱性、攻撃で悪用済】 Apex Oneで確認された管理コンソールに対するコマンドインジェクションによるリモートコード実行の脆弱性(CVE-2025-54948, CVE-2025-54987) → https://t.co/P8Yqo7w7Hw > 注意:トレ
@ripjyr
6 Aug 2025
371 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-54948 & CVE-2025-54987: Trend Micro Apex One, Management Console Command Injection RCE Vulnerability (pre-authenticated). "Trend Micro has observed as least one instance of an attempt to actively exploit one of these vulnerabilities in the wild." [+] https:/
@1ZRR4H
5 Aug 2025
3074 Impressions
12 Retweets
26 Likes
12 Bookmarks
0 Replies
0 Quotes
CVE-2025-54987 A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands … https://t.co/GyznHYfNSR
@CVEnew
5 Aug 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Exploited in the wild: 🟥 CVE-2025-54948 and CVE-2025-54987, CVSS: 9.4 (#Critical) Trend Micro Apex One (on-premise) version 2019 Management Server. Vulnerabilities allow pre-authenticated remote attackers to upload malicious code and execute commands. FixTool_Aug2025 htt
@UjlakiMarci
5 Aug 2025
327 Impressions
1 Retweet
3 Likes
0 Bookmarks
1 Reply
0 Quotes
[CVE-2025-54987: CRITICAL] Critical vulnerability identified in Trend Micro Apex One management console allows remote attacker to upload malicious code and execute commands on affected systems, affecting a n...#cve,CVE-2025-54987,#cybersecurity https://t.co/5ynYgItKsH https://t.c
@CveFindCom
5 Aug 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:apex_one:2019:*:*:*:on-premises:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "84F26044-A0BB-442E-93BD-E836B4DD71F4"
}
],
"operator": "OR"
}
]
}
]