This page lists publicly disclosed CVE vulnerabilities affecting trendmicro apex_one (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-71217 | An origin validation error vulnerability in the Trend Micro Apex One (mac) agent self-protection mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE references, as these were addressed already via ActiveUpdate/SaaS updates in mid to late 2025 | [email protected] | 7.8 | 0.31% | 2026-05-21 | 2026-06-05 |
| CVE-2025-71216 | A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent cache mechanism could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE references, as these were addressed already via ActiveUpdate/SaaS updates in mid to late 2025 (SaaS 25 | [email protected] | 7.8 | 0.34% | 2026-05-21 | 2026-06-05 |
| CVE-2025-71215 | A time-of-check time-of-use vulnerability in the Trend Micro Apex One (mac) agent iCore service signature verification could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE references, as these were addressed already via ActiveUpdate/SaaS updates in mid | [email protected] | 7.0 | 0.30% | 2026-05-21 | 2026-06-05 |
| CVE-2025-71214 | An origin validation error vulnerability in the Trend Micro Apex One (mac) agent iCore service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The following information is provided as informational only for CVE references, as these were addressed already via ActiveUpdate/SaaS updates in mid to late 2025 (SaaS 2507 | [email protected] | 7.8 | 0.36% | 2026-05-21 | 2026-06-05 |
| CVE-2025-54987 | A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture. | [email protected] | 9.4 | 16.91% | 2025-08-05 | 2025-08-12 |
| CVE-2025-54948 KEV | A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. | [email protected] | 9.4 | 20.25% | 2025-08-05 | 2025-10-31 |
| CVE-2025-49158 | An uncontrolled search path vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 6.7 | 0.05% | 2025-06-17 | 2025-09-09 |
| CVE-2025-49157 | A link following vulnerability in the Trend Micro Apex One Damage Cleanup Engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.16% | 2025-06-17 | 2025-09-09 |
| CVE-2025-49156 | A link following vulnerability in the Trend Micro Apex One scan engine could allow a local attacker to escalation privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.0 | 0.08% | 2025-06-17 | 2025-09-09 |
| CVE-2025-49155 | An uncontrolled search path vulnerability in the Trend Micro Apex One Data Loss Prevention module could allow an attacker to inject malicious code leading to arbitrary code execution on affected installations. | [email protected] | 8.8 | 0.79% | 2025-06-17 | 2025-09-09 |
| CVE-2025-49154 | An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 8.7 | 0.05% | 2025-06-17 | 2025-10-06 |
| CVE-2024-58105 | A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. This CVE address an addtional bypass not covered in CVE-2024-58104. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.3 | 0.14% | 2025-03-25 | 2025-08-01 |
| CVE-2024-58104 | A vulnerability in the Trend Micro Apex One Security Agent Plug-in User Interface Manager could allow a local attacker to bypass existing security and execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.3 | 0.14% | 2025-03-25 | 2025-08-01 |
| CVE-2024-55917 | An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.26% | 2024-12-31 | 2025-08-25 |
| CVE-2024-55632 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.32% | 2024-12-31 | 2025-08-25 |
| CVE-2024-55631 | An engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.32% | 2024-12-31 | 2025-08-25 |
| CVE-2024-52050 | A LogServer arbitrary file creation vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.47% | 2024-12-31 | 2025-08-25 |
| CVE-2024-52049 | A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52048. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.32% | 2024-12-31 | 2025-08-25 |
| CVE-2024-52048 | A LogServer link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. This vulnerability is similar to, but not identical to CVE-2024-52049. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.8 | 0.32% | 2024-12-31 | 2025-08-25 |
| CVE-2024-52047 | A widget local file inclusion vulnerability in Trend Micro Apex One could allow a remote attacker to execute arbitrary code on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | [email protected] | 7.5 | 1.05% | 2024-12-31 | 2025-07-29 |