Trend Micro Issues Critical Patch for Apex One: Severe RCE Flaws Addressed

Trend Micro released a Critical Patch for Apex One that fixes two critical Console Directory Traversal vulnerabilities (CVE-2025-71210, CVE-2025-71211; CVSS 9.8) which could allow an attacker with access to the Management Console to upload malicious code and execute commands; the update also addresses two high-severity local privilege escalation bugs (CVE-2025-71212, CVE-2025-71213) and includes protections for older CVEs, while Mac issues were already mitigated via ActiveUpdate/SaaS—Trend Micro urges on-prem customers to apply the updates.