Trend Micro has fixed three critical vulnerabilities in Apex Central. The most serious, with a CVSS score of 9.8, allows attackers to execute code with SYSTEM privileges without authentication. Organizations should immediately patch to Build 7190.
The most dangerous vulnerability, CVE-2025-69258, is a remote code execution vulnerability in LoadLibraryEX. An attacker can load a malicious DLL into a critical part of the system without login credentials. This gives them full control with the highest system privileges. The impact is significant: confidentiality, integrity, and availability are all at stake.
In addition to the RCE vulnerability, Trend Micro resolves two denial-of-service leaks. CVE-2025-69259 exploits an unchecked NULL return value, while CVE-2025-69260 involves an out-of-bounds read. Both score 7.5 on the CVSS scale and also do not require authentication.
Patch available immediately
For on-premise installations of Apex Central on Windows, Trend Micro has released Critical Patch Build 7190. All versions below that build number are vulnerable. The company strongly recommends installing this patch and upgrading to the latest available version as soon as it becomes available.
Users must first install any required software, such as service packs, via the Trend Micro Download Center. Only then should they install the security patch. The company emphasizes that this is the minimum recommended version.
Although the vulnerabilities do not technically require authentication, an attacker must have access to the vulnerable system. This can be physical or remote. Trend Micro points out that, in addition to patching, organizations should also review their remote access policies and perimeter security.