Remote Code Execution Vulnerability in Trend Micro Apex One Management Console
CVE-2025-71211

9.8CRITICAL

Key Information:

Vendor: Trend Micro
Status: Trendai Apex One; Trendai Apex One As A Service
Vendor: CVE Published:; 21 May 2026

🔔 Create Trend Micro Vulnerability Alert

What is CVE-2025-71211?

A vulnerability within the Trend Micro Apex One management console permits remote attackers to upload malicious code and execute commands on affected installations. This issue, while similar to another vulnerability in the same family, targets a different executable within the product. It's crucial for users with exposed IP addresses of the management console to implement source restrictions and other mitigative measures to secure their environment against unauthorized access.

Affected Version(s)

TrendAI Apex One 2019 (14.0) < 14.0.0.14136

TrendAI Apex One as a Service SaaS < 14.0.20315

References

https://success.trendmicro.com/en-US/solution/KA-0022458

https://www.zerodayinitiative.com/advisories/ZDI-26-137/

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2026
Vulnerability Reserved
Feb 11, 2026

CVE-2025-71211 Data

JSON