CVE-2025-71210

Published May 21, 2026

Last updated 25 days ago

CVSS critical 9.8

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-71210 is a critical vulnerability identified in the Trend Micro Apex One management console. This flaw is characterized as a path traversal weakness, which could enable remote attackers to upload and execute malicious code on affected systems. Successful exploitation of CVE-2025-71210 necessitates that attackers have access to the Trend Micro Apex One Management Console. Trend Micro has released patches for on-premises users of Apex One to address this and other related vulnerabilities.

Description
A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via a researcher through the Zero Day Initiative. The SaaS versions of the product have already been mitigated and no customer action required. For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console�s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.
Source
security@trendmicro.com
NVD status
Analyzed
Products
apex_one

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security@trendmicro.com
CWE-22

Social media

Hype score
Not currently trending

  1. Trend Micro Apex One on-prem: two RCEs in the management console, both CVSS 9.8 (CVE-2025-71210/71211). Anyone who reaches the console runs commands. SaaS is patched. If yours is internet-exposed, lock down source IPs. https://t.co/cBcdAErnoh

    @TechTranslators

    27 May 2026

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Trend Micro Apex One の脆弱性 CVE-2025-71210/71211 などが FIX:RCE のおそれ https://t.co/b4FoOpT1Ws Trend Micro の Apex One において、合計で 8 件の脆弱性 CVE-2025-71210~CVE-2025-71217

    @iototsecnews

    5 Mar 2026

    183 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. A severe vulnerability was disclosed for Trend Micro Apex One (CVE-2025-71210) https://t.co/32k02crQgK

    @vuldb

    4 Mar 2026

    131 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚠️ Vulnerabilidades en productos Trend Micro ❗ CVE-2025-71212 ❗ CVE-2025-71211 ❗ CVE-2025-71210 ➡️ Más info: https://t.co/QpCBUSZKbU https://t.co/zth4dfDLU6

    @CERTpy

    3 Mar 2026

    146 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. トレンドマイクロ Apex Oneに複数の脆弱性を修正(CVE-2025-71210〜71217) https://t.co/hoLB3Y3v1J

    @cybersecnews_jp

    27 Feb 2026

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 【リンク集:2月26日〜27日のセキュリティ関連ニュース/記事】 <脆弱性> ・Juniper NetworksのPTXシリーズに重大な脆弱性、ルーターの完全な乗っ取りが可能に(CVE-2026-21902) https://t.co/fJowvjbogd ・トレンドマイ

    @MachinaRecord

    27 Feb 2026

    202 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. トレンドマイクロ Apex Oneに複数の脆弱性を修正(CVE-2025-71210〜71217) https://t.co/AlcfcM9dOV #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews

    @securityLab_jp

    27 Feb 2026

    130 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Trend Micro warns of critical Apex One code execution flaws https://t.co/U4RPFotsvM "The first critical Apex One security flaw patched this week (CVE-2025-71210) is due to a path traversal weakness in the Trend Micro Apex One management console, allowing attackers without…"

    @catnap707

    26 Feb 2026

    322 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    1 Quote

  9. 🚨 Trend Micro patches critical Apex One RCE bugs (CVE-2025-71210/71211) — update now Trend Micro fixed two critical directory-traversal RCE flaws in Apex One’s management console (CVE-2025-71210 and CVE-2025-71211, both CVSS 9.8) that could enable malicious code execution

    @ThreatSynop

    26 Feb 2026

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🚨 Trend Micro Patches Critical Apex One Console Path Traversal Bugs Enabling RCE (CVE-2025-71210/71211) Trend Micro fixed two critical path traversal flaws in the Apex One management console that can let attackers with access to the console execute malicious code on unpatched

    @ThreatSynop

    26 Feb 2026

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. トレンドマイクロのApex Oneで複数の重大(Critical)な脆弱性が修正。CVE-2025-71210とCVE-2025-71211はCVSSスコア9.8で、コンソールディレクトリトラバーサルからの遠隔コード実行。SaaS版は既に緩和済み(脆弱ではなかっ

    @__kokumoto

    26 Feb 2026

    2382 Impressions

    1 Retweet

    3 Likes

    1 Bookmark

    0 Replies

    1 Quote

  12. 🚨 Trend Micro patches critical Apex One console RCE bugs (CVE-2025-71210/71211) plus multiple local privesc flaws TrendAI (Trend Micro) fixed eight high/critical Apex One issues, including two critical directory-traversal RCE flaws in the on-prem management console

    @ThreatSynop

    26 Feb 2026

    48 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🚨🚨🚨 『A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands』 CVE-2025-71210、CVE-2025-71211 SECURITY BULLETIN: Apex One and Apex One (Mac) - February 2026 https://t.co/Y37nFoXlzW

    @autumn_good_35

    25 Feb 2026

    1135 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    2 Quotes

Configurations

Related CVEs

  1. A time-of-check time-of-use vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.CVE-2026-45208
  2. An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45206 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.CVE-2026-45207
  3. An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-45207 but exists in a different process protection communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.CVE-2026-45206
  4. An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different process protection mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.CVE-2026-34930
  5. An origin validation vulnerability in the Apex One/SEP agent could allow a local attacker to escalate privileges on affected installations. This is similar to CVE-2026-34927 but exists in a different inter-process communication mechanism. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.CVE-2026-34929

References

Sources include official advisories and independent security research.