367 matches found
PT-2026-22845
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability...
PT-2026-22846
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability...
Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of URLs in the Manual Update feature. By providing a crafted...
PT-2026-22849
Name of the Vulnerable Software and Affected Versions Trend Micro Apex Central affected versions not specified Description An improper authentication issue exists in Trend Micro Apex Central that could allow privilege escalation. The issue was discovered by Elias Martinez. Recommendations At the...
PT-2026-22847
Trend Micro Apex Central Manual Update Server-Side Request Forgery Vulnerability...
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of URLs in the Scheduled Update feature. By providing a crafte...
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the management console. The issue results from incorrect implementation of the...
Trend Micro Apex Central Hub Server Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of hub server URLs. By providing a crafted URL, an attacker ca...
PT-2026-22848
Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability...
Multiple vulnerabilities in Trend Micro Apex Central (January 2026)
Overview Trend Micro Incorporated has released a security update for Trend Micro Apex Central to fix CVE-2025-69258, CVE-2025-69259, and CVE-2025-69260. Trend Micro Incorporated reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN. Impact Processing some crafte...
CVE-2025-69259
A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability...
CVE-2025-69258
A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations...
CVE-2025-69260
A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability...
Vulnerabilities fixed in Trend Micro Apex Central
Trend Micro has fixed vulnerabilities in Trend Micro Apex Central. The vulnerabilities are in the way Trend Micro Apex Central handles certain input. An attacker can cause a denial-of-service DoS without authentication by using an unverified NULL return value. In addition, malicious actors can ga...
CVE-2022-26871
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to upload an arbitrary file which could lead to remote code execution...
Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258 , carries a CVSS score of 9.8 out ...
Trend Micro Apex Central < Build 7190 Multiple Vulnerabilities (KA-0022071)
According to its self-reported version, the Trend Micro Apex Central application installed on the remote Windows host is prior to Build 7190. It is, therefore, affected by multiple vulnerabilities as described in Trend Micro Solution ID KA-0022071: - A LoadLibraryEX vulnerability in Trend Micro...
Trend Micro Apex Central MsgReceiver Detection
Binary data trendmicroapexcentralmsgreceiverdetect.nbin...
Trend Micro Apex Central LoadLibraryEx RCE (CVE-2025-69258)
Binary data trendmicroapexcentralcve-2025-69258.nbin...
CVE-2025-69259
A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability...