Trend Micro has announced remedies to tackle significant security vulnerabilities in on-premises iterations of the Apex One Management Console, which it claims have been actively targeted in real-world attacks.
The flaws (CVE-2025-54948 and CVE-2025-54987), each assessed at 9.4 on the CVSS rating scale, are characterized as command injection issues within the management console and remote code execution vulnerabilities.
“A flaw in Trend Micro