CVE-2025-54948 | Attaxion

CISA Known Exploited Vulnerability (KEV)

Name

Trend Micro Apex One OS Command Injection Vulnerability

Exploit added

August 18, 2025

Action due

September 8, 2025

Action required

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Description

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

References

https://success.trendmicro.com/en-US/solution/KA-0020652

Weakness Enumeration

CWE-ID	CWE Name
CWE-78	Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’)

Known Affected Software Configurations

cpe:2.3:a:trendmicro:apex_one:2019::::on-premises:windows::*

Details

Source:
NVD

Published:
August 5, 2025

Updated:
August 19, 2025

Risk information

CVSS v3

Base score:
9.4

Severity:

CRITICAL

Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H

CVSS v2

Not defined