CVE-2025-54948CISA KEV: Actively Exploited

Trend Micro Apex One OS Command Injection Vulnerability

Published Aug 18, 2025·Updated Aug 18, 2025

Description

Trend Micro Apex One Management Console (on-premise) contains an OS command injection vulnerability that could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free