dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

info@thehackernews.com (The Hacker News)
January 9, 2026
Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution. The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case of remote code execution
Total
0
Shares
0
0
0
[[{“value”:”

Trend Micro Apex Central

Trend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution.

The vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case of remote code execution affecting LoadLibraryEX.

“A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations,” the cybersecurity company said.

Also patched by Trend Micro are two other flaws –

  • CVE-2025-69259 (CVSS score: 7.5) – A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations
  • CVE-2025-69260 (CVSS score: 7.5) – A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations
Cybersecurity

Tenable, which is credited with identifying and reporting all three flaws in August 2025, said an attacker can exploit CVE-2025-69258 by sending a message “0x0a8d” (“SC_INSTALL_HANDLER_REQUEST”) to the MsgReceiver.exe component, causing a DLL under their control to be loaded into the binary, resulting in code execution with elevated privileges.

Similarly, CVE-2025-69259 and CVE-2025-69260 can also be triggered by sending a specially crafted message “0x1b5b” (“SC_CMD_CGI_LOG_REQUEST”) to the MsgReceiver.exe process, which listens on the default TCP port 20001.

The issues impact Apex Central on-premise versions below Build 7190. Trend Micro noted that successful exploitation hinges on an attacker already having physical or remote access to a vulnerable endpoint.

“In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security are up-to-date,” it added.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

January 9, 2026
Next Post

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

January 9, 2026
Related Posts
2 min

Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as Tuoni. "The campaign leveraged the emerging Tuoni C2 framework, a relatively new, command-and-control (C2) tool (with a free license) that delivers stealthy, in-memory payloads,"
info@thehackernews.com (The Hacker News)
November 18, 2025
Read More
2 min

TikTok Forms U.S. Joint Venture to Continue Operations Under 2025 Executive Order

TikTok on Friday officially announced that it formed a joint venture that will allow the hugely popular video-sharing application to continue operating in the U.S. The new venture, named TikTok USDS Joint Venture LLC, has been established in compliance with the Executive Order signed by U.S. President Donald Trump in September 2025, the platform said. The new deal will see TikTok's Chinese
info@thehackernews.com (The Hacker News)
January 23, 2026
Read More
5 min

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

The information technology (IT) workers associated with the Democratic People's Republic of Korea (DPRK) are now applying to remote positions using real LinkedIn accounts of individuals they're impersonating, marking a new escalation of the fraudulent scheme. "These profiles often have verified workplace emails and identity badges, which DPRK operatives hope will make their fraudulent
info@thehackernews.com (The Hacker News)
February 10, 2026
Read More