Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-54948

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

Published

2025-08-05T13:15:28.487

Last Modified

2025-10-21T23:17:06.857

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.4 (CRITICAL)

Weaknesses

Type: Secondary
CWE-78

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	trendmicro	apex_one	2019	Yes

References

https://success.trendmicro.com/en-US/solution/KA-0020652 Patch, Vendor Advisory ([email protected])
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54948 (134c704f-9b21-4f2e-91b3-4a467353bcc0)