TREND Micro has fixed two critical Apex One flaws that could allow remote code execution on affected Windows systems, issuing patches and urging customers to apply them promptly. The first vulnerability, CVE-2025-71210, carries a CVSS of 9.8 and involves a Console Directory Traversal that could let an attacker upload malicious code and execute commands if they can access the Apex One Management Console. The second, CVE-2025-71211, is similar in scope but targets a different executable, also with a CVSS of 9.8.
In addition, Trend Micro addressed two high-severity privilege escalation flaws in the Windows agent (CVE-2025-71212 and CVE-2025-71213) and four macOS issues, with the SaaS Apex One versions mitigated already and no customer action required. The fixes were reported by Jacky Hsieh and Charles Yang of CoreCloud Tech through TrendAI’s Zero Day Initiative, and a Critical Patch Build 14136 was released for the on‑premises product. Trend Micro does not say whether these flaws have been exploited in attacks in the wild.