Unrated severityCISA KEVNVD Advisory· Published Aug 5, 2025· Updated Oct 21, 2025
CVE-2025-54948
CVE-2025-54948
Description
A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Trend Micro, Inc./Trend Micro Apex Onev5cpe:2.3:a:trendmicro:apexone_server:14.0.0.14039:*:*:*:*:*:*:*Range: 2019 (14.0)
Patches
Vulnerability mechanics
References
1News mentions
2- Trend Micro warns of Apex One zero-day exploited in the wildBleepingComputer · May 22, 2026
- ZDI-26-269: TrendAI Apex One Console Directory Traversal Remote Code Execution VulnerabilityZero Day Initiative · Apr 15, 2026