Trend Micro Apex Central SSRF Vulnerability (CVE-2025-71207) Patched
Trend Micro has released a security update to fix a server-side request forgery vulnerability in Apex Central's Manual Update feature that could allow authenticated attackers to access internal network resources.

Trend Micro has issued a security update to address a server-side request forgery (SSRF) vulnerability in its Apex Central product, tracked as CVE-2025-71207. The flaw, discovered by researcher Abdessamad Lahlali of Trend Micro, was reported to the vendor in March 2025 and publicly disclosed on March 3, 2026, through the Zero Day Initiative (ZDI) advisory ZDI-26-146.
The vulnerability resides in the Manual Update feature of Trend Micro Apex Central. An authenticated remote attacker can exploit this flaw by supplying a crafted URL, causing the server to make a request to an incorrect destination. This SSRF behavior can be leveraged to gain improper access to network resources, potentially exposing sensitive information or enabling further attacks within the internal network.
Trend Micro Apex Central is a centralized management console used by organizations to manage Trend Micro security products across endpoints, servers, and gateways. The product is widely deployed in enterprise environments, making this vulnerability a concern for IT administrators who rely on it for security policy management and updates.
The vulnerability carries a CVSS score of 4.4 (medium severity), with the vector AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N. Exploitation requires authentication and involves high attack complexity, and the rated impact is limited to low confidentiality and integrity compromise. However, the SSRF nature of the flaw could allow attackers to bypass network segmentation and access internal systems.
Trend Micro has released a security update to correct the vulnerability. Administrators are advised to apply the patch as soon as possible. More details can be found in Trend Micro's security advisory at https://success.trendmicro.com/en-US/solution/KA-0022071.
This disclosure follows a coordinated responsible disclosure process, with the vendor given nearly a year to develop and release a fix. SSRF vulnerabilities remain a common issue in enterprise management platforms, often enabling lateral movement and data exfiltration. Organizations using Trend Micro Apex Central should prioritize patching to mitigate the risk of internal network compromise.