Trend Micro Apex Central < Build 7190 Multiple Vulnerabilities (KA-0022071)

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(282525);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/17");

  script_cve_id("CVE-2025-69258", "CVE-2025-69259", "CVE-2025-69260");

  script_name(english:"Trend Micro Apex Central < Build 7190 Multiple Vulnerabilities (KA-0022071)");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is running an application that is affected by multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, the Trend Micro Apex Central application installed on the remote Windows host
is prior to Build 7190. It is, therefore, affected by multiple vulnerabilities as described in Trend Micro Solution ID
KA-0022071:

  - A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an
    attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of
    SYSTEM on affected installations. (CVE-2025-69258)
  
  - A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to
    create a denial-of-service condition on affected installations. Please note: authentication is not required in order
    to exploit this vulnerability. (CVE-2025-69259)

  - A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a
    denial-of-service condition on affected installations. Please note: authentication is not required in order to
    exploit this vulnerability. (CVE-2025-69260)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version   
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.tenable.com/security/research/tra-2026-01");
  script_set_attribute(attribute:"see_also", value:"https://success.trendmicro.com/en-US/solution/KA-0022071");
  script_set_attribute(attribute:"solution", value:
"Upgrade to Trend Micro Apex Central Build 7190 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-69258");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2026/01/07");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/01/07");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/09");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:trendmicro:apex_central");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("trendmicro_apex_central_win_installed.nbin");
  script_require_keys("installed_sw/Trend Micro Apex Central");

  exit(0);
}

include('vcf_extras_trendmicro.inc');

var app_info = vcf::trendmicro::apex_central::get_app_info();

var constraints = [
  {'fixed_version': '7190', 'fixed_display':'2019 Build 7190'}
];

vcf::check_version_and_report(
  app_info:app_info, 
  constraints:constraints, 
  severity:SECURITY_HOLE
);