- CVE-2025-69258 in Trend Micro Apex Central allowed unauthenticated DLL injection and remote code execution
- Critical Patch Build 7190 fixes this flaw plus CVE-2025-69259 and CVE-2025-69260
- Trend Micro urges immediate patching; mitigations like disconnecting systems are only temporary safeguards
Trend Micro has patched a critical-severity vulnerability in Apex Central (on-premise) which allowed threat actors to run arbitrary code, remotely.
Apex Central (on-premise) is a self-hosted centralized management platform for enterprise security, which lets organizations deploy and manage Trend Micro endpoint, server, and workload protection products from a single console that runs inside their own infrastructure.
It was vulnerable to CVE-2025-69258, a bug that allows threat actors to inject DLLs without any victim interaction. The bug was given a severity score of 9.8/10 (critical).
Patching and reviewing systems
“A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations,” the company said in a recently published security advisory.
While mitigations are available (for example, disconnecting the system from the wider internet), Trend Micro says the best course of action is to apply the provided patch.
“In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security is up-to-date,” Trend Micro said.
“However, even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible.”
The vulnerability is fixed in Critical Patch Build 7190, which was also said to have fixed two additional flaws: CVE-2025-69259 and CVE-2025-69260. Both can be leveraged by unauthenticated attackers.
In mid-June 2025, Trend Micro fixed a handful of critical-everity vulnerabilities, including some in Apex Central. The vulnerabilities were all deemed either critical, or high-severity, and while there was no evidence of abuse at the time, Trend Micro urged customers to apply the fix without delay.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
