Trend Micro has issued a critical security update for Apex Central to address multiple remotely exploitable vulnerabilities, including a bug that allows unauthenticated attackers to execute code with SYSTEM-level privileges.
Organizations running vulnerable builds are urged to patch immediately to avoid both remote code execution and denial-of-service risks.
Critical flaws in Apex Central
The update targets Apex Central for Windows and affects all on-premises versions below build 7190.
Trend Micro has released Critical Patch Build 7190 as the minimum version required to remediate the vulnerabilities, with installation instructions provided in the accompanying readme.
disclosure process.
| CVE ID | CVSS v3.1 | Impact summary |
|---|---|---|
| CVE-2025-69258 | 9.8 (Critical) | Unauthenticated attacker can load attacker-controlled DLL into a key executable and run code as SYSTEM. |
| CVE-2025-69259 | 7.5 (High) | Malformed message can trigger a NULL handling path and create a denial-of-service condition. |
| CVE-2025-69260 | 7.5 (High) | Out-of-bounds read in message processing allows remote attackers to crash services (DoS). |
The most severe issue, rated CVSS 9.8 (Critical), stems from misuse of LoadLibraryEx, which allows a remote, unauthenticated attacker to force the product to load a malicious DLL into a key executable.
Successful exploitation results in arbitrary code execution under the SYSTEM account, effectively granting complete control over the endpoint or server running Apex Central.
Two additional flaws, both scored 7.5 (High), involve unsafe message handling paths that can be abused to crash services and cause denial of service.
All three vulnerabilities are exploitable without authentication, significantly increasing the exposure of internet-accessible or poorly segmented consoles.
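For the LoadLibraryEx issue described above, the page does not show the flawed call, so the following is an added example of a general hardening pattern for this bug class, not Trend Micro's code or fix. It assumes a hypothetical service that loads plugin modules by name; the allow-list entries and function names are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Constructed allow-list: the only modules this hypothetical service may load. */
static const char *const ALLOWED_MODULES[] = { "plugin_core.dll", "plugin_report.dll" };

/* Return 1 only for a bare file name that is on the allow-list (case-insensitive).
   Any value carrying a directory, drive letter, UNC prefix or stream separator
   is rejected, so a caller-supplied string can never choose the load location. */
int is_allowed_module(const char *name)
{
    if (name == NULL || *name == '\0' || strlen(name) > 64)
        return 0;
    if (strpbrk(name, "\\/:") != NULL)
        return 0;
    for (size_t i = 0; i < sizeof ALLOWED_MODULES / sizeof ALLOWED_MODULES[0]; i++) {
        const char *a = ALLOWED_MODULES[i], *b = name;
        while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) {
            a++;
            b++;
        }
        if (*a == '\0' && *b == '\0')
            return 1;
    }
    return 0;
}

#ifdef _WIN32
/* Load an allow-listed module from the application directory only.
   LOAD_LIBRARY_SEARCH_APPLICATION_DIR keeps the loader away from the current
   directory, PATH and any remote share. */
HMODULE load_module_hardened(const char *name)
{
    if (!is_allowed_module(name))
        return NULL;
    return LoadLibraryExA(name, NULL, LOAD_LIBRARY_SEARCH_APPLICATION_DIR);
}
#endif
```

The name check is portable C; only `load_module_hardened` requires a Windows build.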
Because Apex Central acts as a centralized security management platform, compromise of this system can cascade across the entire environment it manages. Trend Micro recommends that customers:
Upgrade Apex Central (on-premise) to Critical Patch Build 7190 or later as soon as possible.
Ensure any required service packs or prerequisites are installed from Trend Micro’s download portal before applying the patch.
Review and harden remote access policies to critical management servers, limiting exposure to trusted administrative networks only.
