Trend Micro fixes two critical flaws in Apex One

Trend Micro released security updates for Trend Micro Apex One addressing two critical Console Directory Traversal vulnerabilities (CVE-2025-71210, CVE-2025-71211, CVSS 9.8) that could enable remote code execution if an attacker can access the management console; SaaS instances have been mitigated and on-premises customers are urged to apply Critical Patch Build 14136. The advisory also fixes two high-severity local privilege escalation issues in the Windows agent and several macOS agent flaws, with no reported exploitation to date.