Trend Micro has released a critical security update addressing multiple vulnerabilities in Apex Central (on-premise), its centralized management platform for Trend Micro security products. The advisory, published on January 7, 2026, applies to Windows-based deployments and affects all Apex Central installations running versions below Build 7190.
Apex Central is commonly deployed in enterprise environments to manage endpoint protection, monitor security events, and enforce policies across large networks. Due to its central role and elevated privileges, vulnerabilities affecting this platform present an increased security risk and require timely remediation.
The bulletin details three vulnerabilities with severity ratings ranging from high to critical. The most severe issue allows remote code execution without authentication, while the remaining flaws can be used to disrupt service availability.
The vulnerabilities affect Apex Central on-premise deployments on Windows systems running builds earlier than Build 7190 addressed in this update include:
- A remote code execution vulnerability, tracked as CVE-2025-69258 with a severity score of 9.8, is related to unsafe DLL loading. Improper handling of the Windows LoadLibraryEx function could allow an unauthenticated remote attacker to load a malicious dynamic link library into a trusted Apex Central process, potentially resulting in arbitrary code execution with SYSTEM-level privileges.
- A denial-of-service vulnerability tracked as CVE-2025-69259 is caused by unchecked message return values. A remote attacker could exploit NULL return values during message processing to crash Apex Central services. Authentication is not required to exploit this issue.
- A denial-of-service vulnerability associated with CVE-2025-69260 results from an out-of-bounds memory read. A flaw in message handling could allow a remote attacker to render Apex Central services unstable or unavailable without authentication.
All three vulnerabilities affect Apex Central on-premise deployments on Windows systems running builds earlier than Build 7190.
Trend Micro has released Critical Patch Build 7190, which fully resolves the reported vulnerabilities. This build represents the minimum recommended version for affected customers. Organizations are encouraged to review prerequisite software requirements and, where possible, upgrade to the most recent available Apex Central release.
Trend Micro also advises reviewing access controls, remote access policies and network exposure related to Apex Central servers. Management consoles should be restricted to trusted networks and monitored for unusual activity.
Organizations using Apex Central on-premise installations should assess their deployment status and apply the recommended updates as soon as possible to maintain the security and availability of their centralized security infrastructure.
Leave a Reply