AI description
CVE-2025-69258 is a LoadLibraryEX vulnerability identified in Trend Micro Apex Central, specifically affecting its on-premise Windows versions. This flaw enables an unauthenticated remote attacker to load a malicious Dynamic Link Library (DLL) into a critical executable, such as `MsgReceiver.exe`, within the affected system. Successful exploitation of this vulnerability allows the attacker to execute arbitrary code with SYSTEM-level privileges on the compromised installation. The attack can be carried out by sending a specially crafted message, specifically `0x0a8d` ("SC_INSTALL_HANDLER_REQUEST"), to the `MsgReceiver.exe` component, which typically listens on TCP port 20001. No user interaction or prior authentication is required for an attacker to leverage this vulnerability.
- Description
- A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.
- Source
- security@trendmicro.com
- NVD status
- Analyzed
- Products
- apex_central
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security@trendmicro.com
- CWE-120
- Hype score
- Not currently trending
🚨 NoName057 [Critical] Jan 14, 2026 This report analyzes a critical security vulnerability affecting Trend Micro Apex Central, a self-hosted centralized management platform for enterprise security. The vulnerability, identified as CVE-2025-69258, allows unauthenticated remote.
@transilienceai
14 Jan 2026
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
トレンドマイクロ Apex Centralに複数の脆弱性(CVE-2025-69258 / 69259 / 69260) https://t.co/IfJBcL9D3B #セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃
@securityLab_jp
12 Jan 2026
57 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️Trend Micro Apex Central Multiple Vulnerabilities CVE: CVE-2025-69258 (CVSS: 9.8) CVE-2025-69259 (CVSS: 7.5) CVE-2025-69260 (CVSS: 7.5) CWE: CWE-1285, CWE-306, CWE-641 PoC/Writeup: https://t.co/eoXIY49zEE Disclosure Date: January 7. 2026 Disclosure: https://t.co/1VnRf
@DarkWebInformer
12 Jan 2026
2890 Impressions
3 Retweets
13 Likes
7 Bookmarks
0 Replies
1 Quote
⚠️ Vulnerabilidades en productos Trend Micro ❗ CVE-2025-69260 ❗ CVE-2025-69259 ❗ CVE-2025-69258 ➡️ Más info: https://t.co/3i7fXlkr2w https://t.co/WOINIc7HzF
@CERTpy
12 Jan 2026
91 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Trend Micro Patches Apex Central 9.8 Rated RCE Flaw: CVE-2025-69258 #CybersecurityNews #cyashadotcom #VenezuelaInvasion https://t.co/AVh8nNiGB6
@cyashadotcom
12 Jan 2026
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Upozorňujeme na kritickou zranitelnost v Trend Micro Apex Central (on-premise), CVE-2025-69258. Zranitelnost typu Remote Code Execution vyplývá z chyby v LoadLibraryEX, která umožňuje neautentizovanému vzdálenému útočníkovi načíst škodlivé DLL soubory a spust
@GOVCERT_CZ
12 Jan 2026
157 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 Trend Micro has released security updates to address vulnerabilities in Apex Central for Windows, including a critical bug resulting in code execution. CVE-2025-69258 scores 9.8/10! #Security #Vulnerabilities #CVE Details: https://t.co/RtcvmrzXT8
@HackingRabbitS
12 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Week in Review: Public PoC Drops for Trend Micro Apex Central Unauth RCE (CVE-2025-69258) as Patch Tuesday Looms Help Net Security’s weekly roundup spotlights a newly released proof-of-concept for an unauthenticated RCE in Trend Micro Apex Central and reinforces urgent pat
@ThreatSynop
11 Jan 2026
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical RCE vulns hitting hard: Trend Micro Apex Central (CVE-2025-69258 PoC out) & HPE OneView (CVE-2025-37164 in CISA KEV). Plus, n8n’s “Ni8mare” (CVE-2026-21858, CVSS 10) fueling cloud intrusions. #CyberSecurity
@huntthethreat
11 Jan 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The article highlights several critical cybersecurity developments from the past week. A proof-of-concept (PoC) for a remote code execution (RCE) vulnerability in Trend Micro Apex Central, tracked as CVE-2025-69258, has been released. This flaw allows unauthenticated attackers to
@ox0ffff
11 Jan 2026
170 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-69258- No Login, Total Control: How the Apex Central 'MsgReceiver' Flaw Exposes Global Endpoints Read the full report on - https://t.co/F5sMbVSwae https://t.co/h30h1UGuWM
@cyberbivash
10 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔐 Daily Cyber & Tech Update:- 💻 Critical RCE flaw patched in Trend Micro Apex Central👇 Trend Micro released an urgent security update fixing multiple vulnerabilities in on-prem Apex Central, including a critical remote code execution (CVE-2025-69258, CVSS 9.8) that
@ritzsec
10 Jan 2026
115 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258) - Help Net Security https://t.co/wcnZhPeLX2 https://t.co/DYseRXuAG6
@AMLMidlandsLtd
10 Jan 2026
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro released security updates for multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that results in arbitrary code execution. Tracked as CVE-2025-69258, with a CVSS score of 9.8. https://t.co/JF4mFDP1hE h
@riskigy
10 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro fixed a critical RCE in Apex Central (CVE-2025-69258) impacting build 7190. If you run Apex Central on-prem, treat this as an emergency patching item. Management consoles are high-value targets. What to do now: • Identify affected Apex Central instances (build
@Anavem_
10 Jan 2026
94 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro corrige une faille critique (CVE-2025-69258) dans Apex Central, permettant une exécution de code à distance via une DLL malveillante. Mise à jour urgente requise. #Cybersecurity #Vulnerability https://t.co/Gk3WIXXNj3 @esante_gouv_fr
@cyberwatcher_
9 Jan 2026
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro fixed three Apex Central RCE/DoS flaws (CVE-2025-69258/59/60) disclosed by Tenable - update now. https://t.co/eP6GrNuITX #infosec #CVE2025-69258 #TrendMicro
@CyberDaily_News
9 Jan 2026
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro releases critical patches for 3 Apex Central flaws enabling remote code execution and DoS. All on-prem builds below 7190 affected, CVE-2025-69258 rated 9.8. Update immediately. #Vulnerabilities https://t.co/xN6ec70yG7
@threatcluster
9 Jan 2026
54 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🖥 Daily Security Wrap-Up: Friday 9th January, 2026 ⚠ Iranian protests spark Country-wide Blackout ⚠ Critical Trend Micro Apex Central RCE Disclosed (CVE-2025-69258) ⚠ Microsoft 'finally' enforces mandatory admin MFA for M365 Portals ⚠ OWASP CRS (Core Ruleset) Vulnerab
@GatoiGB
9 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
6 Replies
0 Quotes
🚨 Trend Micro Patches Critical Apex Central RCE (CVE-2025-69258) After Tenable PoC Disclosure Trend Micro fixed three Apex Central flaws, including a critical unauthenticated RCE (CVE-2025-69258, CVSS 9.8) where attackers can coerce MsgReceiver.exe to load a malicious DLL and
@ThreatSynop
9 Jan 2026
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡️ Cybersecurity Developments in the Last 12 Hours ⚡️ 🚨 Trend Micro has patched a critical RCE in Apex Central (CVE-2025-69258) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges via malicious DLL injection, and customers are urged
@greytech_ltd
9 Jan 2026
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Security Bulletin: Apex Central (CVE-2025-69258, CVSS 9.8) enables unauthenticated RCE via DLL injection, resulting in SYSTEM-level code execution. Apply Patch Build 7190 now. #ThreatIntel #RedLeggCTI https://t.co/w2PMif3QQ8
@RedLegg
9 Jan 2026
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro patches three critical vulnerabilities in Apex Central, including RCE flaw CVE-2025-69258. Tenable releases PoC and technical details, increasing exploitation risk. #Vulnerability https://t.co/bUR6gqpTzu
@threatcluster
9 Jan 2026
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro a corrigé une vulnérabilité (CVE-2025-69258) dans Apex Central on-premise permettant une exécution de code à distance avec privilèges élevés https://t.co/oZn4GtIJgJ
@cert_ist
9 Jan 2026
62 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
How the Trend Micro Apex Central Flaw CVE-2025-69258 Disarms Your Entire Network Read the full report on - https://t.co/6jNvOJKEwm https://t.co/bBXSovTUBQ
@cyberbivash
9 Jan 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Trend Micro corrige une faille critique (CVE-2025-69258, score CVSS 9.8) dans Apex Central pour Windows, permettant une exécution de code à distance. Mise à jour urgente recommandée. #Cybersecurity #Vulnerability https://t.co/E9fsFGzltc @TheHackersNews
@cyberwatcher_
9 Jan 2026
57 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
📌 أصدرت شركة تريند مايكرو تحديثات أمنية لمعالجة ثغرات في إصدارات Apex Central على Windows، بما في ذلك ثغرة حرجة قد تؤدي إلى تنفيذ أكواد عن بُعد. تُعرف الثغرة برقم C
@Cybercachear
9 Jan 2026
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Trend Micro patched a critical flaw in on-prem Apex Central for Windows that can lead to SYSTEM-level code execution. CVE-2025-69258 (CVSS 9.8) allows a remote, unauthenticated attacker with endpoint access to load a malicious DLL via MsgReceiver.exe. On-prem builds below
@TheHackersNews
9 Jan 2026
9371 Impressions
34 Retweets
78 Likes
16 Bookmarks
4 Replies
0 Quotes
トレンドマイクロApex Central(オンプレ版)における重大(Critical)な脆弱性CVE-2025-69258に対応するPoC(攻撃の概念実証コード)が公開。CVSSスコア9.8の遠隔コード実行。LoadLibraryEXの脆弱性により、悪意あるDLLをSYSTE
@__kokumoto
9 Jan 2026
2104 Impressions
4 Retweets
23 Likes
8 Bookmarks
0 Replies
0 Quotes
PoC exploits have been released for CVE-2025-69258 in Trend Micro Apex Central (on-premise). The flaw may allow unauthenticated RCE on unpatched systems. A fix is available, and no active exploitation has been confirmed so far. How fast do you patch once PoCs go public? Follow
@TechNadu
9 Jan 2026
80 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
アラート/アドバイザリ:Trend Micro Apex Centralで確認された複数の脆弱性(CVE-2025-69258, CVE-2025-69259, CVE-2025-69260) https://t.co/kaWy88lAMu
@k2_naka
9 Jan 2026
461 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
1 Quote
Trend Micro Apex Central における認証されていない RCE の PoC が公開されました (CVE-2025-69258) PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258) #HelpNetSecurity (Jan 8) https://t.co/LPYMbvBEuq
@foxbook
9 Jan 2026
322 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
1 Quote
🚨🚨🚨 Apex Centralのオンプレで重大な脆弱性。 認証されていない攻撃者によるRCEも(特定の条件あり) CVE-2025-69258, CVE-2025-69259, CVE-2025-69260 CRITICAL SECURITY BULLETIN: Trend Micro Apex Central (on-premise) January 2026 Multiple V
@autumn_good_35
8 Jan 2026
773 Impressions
4 Retweets
3 Likes
0 Bookmarks
1 Reply
0 Quotes
The severity is increased for this new vulnerability affecting Trend Micro Apex Central (CVE-2025-69258) https://t.co/tIs5Gui3lH
@vuldb
8 Jan 2026
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-69258: CRITICAL] A critical vulnerability in Trend Micro Apex Central leaves systems exposed to remote code execution attacks. Ensure immediate patching to mitigate risks effectively. #cybersecurity#cve,CVE-2025-69258,#cybersecurity https://t.co/rgKZXS1ZMi https://t.co/
@CveFindCom
8 Jan 2026
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 CVE-2025-69258 - Critical A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of ... https://t.co/T8wsvyTiWB https://t.co/EjRLhyhBLO
@TheHackerWire
8 Jan 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258): Trend Micro has released a critical patch fixing several remotely exploitable vulnerabilities in Apex Central (on-premise), including a flaw (CVE-2025-69258) that may… https://t.co/QiEKiT3A8K htt
@shah_sheikh
8 Jan 2026
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "664A5F5B-7494-4ADF-9028-CA5DC84AF91A"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_3752:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "316E50F7-A9DA-4B67-9ECC-C8D50116BA07"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_5158:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FBF6D0D-D68E-4DB2-B4DE-D4157FEE54F2"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6016:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B11EE47-757F-4A7D-806A-01C956535F4E"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6288:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB8D4938-783C-4954-95C0-BD26162330A6"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6394:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FFFED78-5927-4529-B74C-BF988108EC0C"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6481:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D919B553-6CBD-4211-A507-CD930D485852"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6511:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F30EC7A8-6E0D-40CE-9691-90F438F1F03B"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6571:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F905E86D-E3D9-4E54-B2A6-01753043A9F4"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6658:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "231493F7-3804-4123-BE1E-ABC3AC46DAAF"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6660:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "983C3666-DF36-4C30-BD70-669734D28475"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6890:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2EFB9449-DB07-4F75-AB53-23F2B721C0CE"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_6955:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F586BF3-DD53-4243-8A9F-18D0599E9397"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_7007:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90DA4B19-8DE2-48B6-B5A7-528AD8978C00"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_7065:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F48D37D0-0FA2-4C9D-A121-C64B0F8F8D1C"
},
{
"criteria": "cpe:2.3:a:trendmicro:apex_central:2019:build_7141:*:*:-:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4AC419E-AB59-46E0-BEDF-CAD6AF84E8BB"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]