Trend Micro warns of worrying security flaw allowing full Windows takeover, so patch now

Trend Micro patched two critical Apex One path traversal flaws (CVE-2025-71210, CVE-2025-71211, both 9.8/10)
Exploitation requires console access
SaaS version fixed, on-prem patch Build 14136 released

Trend Micro says it has patched two critical vulnerabilities which could have allowed threat actors to take over vulnerable underlying systems.

In a security advisory, the company said it fixed a path traversal vulnerability in the Trend Micro Apex One management console, which is now tracked as CVE-2025-71210, and which was given a critical severity score of 9.8/10.

endpoint security platform for business computers, servers, and other devices, designed to shield them from malware, ransomware, spyware, and other cyberthreats. It combines traditional antivirus with modern threat-detection technologies like machine learning and behavioral analysis and comes with centralized management and investigation tools.

Defending against potential attacks is relatively easy. As Trend Micro explained in the advisory, to exploit it, an attacker “must have access to the Trend Micro Apex One Management Console, so customers that have their console’s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied.”

“Even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible,” it warned.

The SaaS Apex One version has already been fixed, and the company released Critical Patch Build 14136 for on-prem customers. This patch also fixes additional two vulnerabilities in the Windows agent, and four in the macOS agent.

At press time, there was no evidence of these flaws being abused in the wild, and the US CISA has not yet added them to its Known Exploited Vulnerabilities (KEV) catalog.

Via BleepingComputer

The best antivirus for all budgets

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

https://cdn.mos.cms.futurecdn.net/MgHkR3uwBsnpbGtik3QxwF-1920-80.jpg

Source link

Samsung’s newest Galaxy Buds 4 Pro are available for preorder — here’s why I’m buying them at Amazon

No data shared — Private Internet Access reinforces its no-log claims with independent audit and transparency report

OneOdio Focus A1 Pro review: budget headphones that sound better than you’d expect

The Xiaomi 17 Ultra Leica Edition is going global tomorrow with a new name

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

Which Celebrity Styles Americans Copy Most in 2025: New Study

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

20-year-old claiming social media addiction in landmark trial says she was on it ‘all day long’ as a child. Meta brings up abusive environment

Sunstone Hotel Investors earnings beat by $0.04, revenue topped estimates

‘I do not recall ever encountering Mr. Epstein’: Hillary Clinton claims ignorance

Analysis-Pakistan’s Afghan salvo risks turning ’open war’ into long crisis

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays