CVE-2025-54987: OS Command Injection

Published Aug 5, 2025
·
Updated

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is essentially the same as CVE-2025-54948 but targets a different CPU architecture.

Affected Software

2 affected components
Trend Micro Apex One
trendmicro Apex One Windows=2019

Remediation

Patch Available

https://success.trendmicro.com/en-US/solution/KA-0020652

Event History

Dec 4, 2023
News Published
06:01 AM
Dec 18, 2023
News Published
02:25 AM
Jan 15, 2024
News Published
03:34 PM
Apr 29, 2024
News Published
02:29 AM
May 6, 2024
News Published
02:30 AM
May 13, 2024
News Published
02:21 AM
Jun 3, 2024
News Published
12:02 PM
Jul 1, 2024
News Published
03:35 AM
Jul 22, 2024
News Published
03:44 AM
Sep 30, 2024
News Published
03:02 AM
Nov 11, 2024
News Published
03:28 AM
Feb 10, 2025
News Published
02:30 AM
Mar 3, 2025
News Published
03:31 AM
Mar 10, 2025
News Published
01:56 AM
Jul 13, 2025
News Published
11:46 PM
Jul 21, 2025
News Published
12:13 AM
Jul 28, 2025
News Published
12:29 AM
Aug 4, 2025
News Published
12:01 AM
Aug 5, 2025
CVE Published
via MITRE·01:00 PM
Data Sourced
via MITRE·01:00 PM
DescriptionSeverity
Data Sourced
via NVD·01:15 PM
RemedyDescriptionSeverityWeaknessAffected Software
Aug 6, 2025
News Published
via BleepingComputer·10:06 AM
News Published
via BleepingComputer·10:07 AM
Aug 10, 2025
News Published
10:39 PM
Sep 8, 2025
News Published
via The Register·11:46 AM
News Published
via The Register·11:49 AM
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Frequently Asked Questions

1

What is the severity of CVE-2025-54987?

CVE-2025-54987 has a high severity rating due to its potential for remote code execution without authentication.

2

How do I fix CVE-2025-54987?

To mitigate CVE-2025-54987, update your Trend Micro Apex One to the latest version as per vendor recommendations.

3

Who is affected by CVE-2025-54987?

Organizations using Trend Micro Apex One management console on affected CPU architectures are at risk from CVE-2025-54987.

4

What types of attacks can CVE-2025-54987 facilitate?

CVE-2025-54987 can allow attackers to upload malicious code and execute arbitrary commands on the compromised system.

5

Is CVE-2025-54987 related to other vulnerabilities?

Yes, CVE-2025-54987 is related to CVE-2025-54948, but it targets a different CPU architecture.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203