ZDI-26-270: TrendAI Apex One Console Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex One. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-54987.
ORIGINAL SOURCE โvia Zero Day Initiative
ADVERTISEMENT
โก STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING โRELATED ยท cyber
- [CYBER] ๐ pear: Kinsmen TeleMiracle
- [CYBER] New GoGra malware for Linux uses Microsoft Graph API for comms
- [CYBER] Mirai Botnet Targets Flaw in Discontinued D-Link Routers
- [CYBER] France's 'Secure' ID agency probes breach as crooks claim 19M records
- [CYBER] Progress Software fixes sneaky WAF bypass vulnerability (CVE-2026-21876)
- [CYBER] Guidance on Certifications