Trend Micro releases critical security fixes for Apex Central RCE - so patch now

News
By published

Bug allowed hackers to inject DLLs without user interaction

A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
(Image credit: Shutterstock)
  • CVE-2025-69258 in Trend Micro Apex Central allowed unauthenticated DLL injection and remote code execution
  • Critical Patch Build 7190 fixes this flaw plus CVE-2025-69259 and CVE-2025-69260
  • Trend Micro urges immediate patching; mitigations like disconnecting systems are only temporary safeguards

Trend Micro has patched a critical-severity vulnerability in Apex Central (on-premise) which allowed threat actors to run arbitrary code, remotely.

Apex Central (on-premise) is a self-hosted centralized management platform for enterprise security, which lets organizations deploy and manage Trend Micro endpoint, server, and workload protection products from a single console that runs inside their own infrastructure.

It was vulnerable to CVE-2025-69258, a bug that allows threat actors to inject DLLs without any victim interaction. The bug was given a severity score of 9.8/10 (critical).

Patching and reviewing systems

"A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations," the company said in a recently published security advisory.

While mitigations are available (for example, disconnecting the system from the wider internet), Trend Micro says the best course of action is to apply the provided patch.

"In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security is up-to-date," Trend Micro said.

"However, even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible."

The vulnerability is fixed in Critical Patch Build 7190, which was also said to have fixed two additional flaws: CVE-2025-69259 and CVE-2025-69260. Both can be leveraged by unauthenticated attackers.

In mid-June 2025, Trend Micro fixed a handful of critical-everity vulnerabilities, including some in Apex Central. The vulnerabilities were all deemed either critical, or high-severity, and while there was no evidence of abuse at the time, Trend Micro urged customers to apply the fix without delay.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.