Vulnerabilities threaten PCs with Trend Micro Apex Central, Deep Security Agent
Security updates close several vulnerabilities in Trend Micro Apex Central and Deep Security Agent on Windows.
(Image: Pixels Hunter/Shutterstock.com)
Trend Micro's IT protection solutions Apex Central and Deep Security Agent are actually designed to protect computers from cyberattacks. However, due to several security vulnerabilities in the Windows versions, they can now serve as a gateway for attackers. Admins should install the available security patches promptly. There are still no reports of attacks.
Unauthorized access possible
A warning message indicates that Apex One can be attacked via three vulnerabilities (CVE-2025-30678 “medium”, CVE-2025-30679 “medium”, CVE-2025-30680 “high”). Attackers can use server-side request forgery (SSRF) attacks to gain unauthorized access to internal resources via prepared requests. The developers are not currently explaining in detail how such an attack could take place and which specific data is at risk.
The developers assure that they have closed the gaps in Apex Central (on-prem) Build 6955 and in Apex Central (SaaS) March 2025 Monthly Maintenance Release.
Rights upgrades
Deep Security Agent version 20.0 is vulnerable via three vulnerabilities (CVE-2025-30640 “high”, CVE-2025-30641 “high”, CVE-2025-30642 “medium”), the developers explain in a post. However, for attacks to be possible, an attacker already needs low rights on a target system. If this is the case, they can acquire higher user rights or trigger DoS states.
Here too, there is no evidence of ongoing attacks to date. However, admins should not delay too long before installing the secure version 20.0.1-25770.
(des)
