CVE-2025-71212
Trend Micro · Apex One
A link following vulnerability in the Trend Micro Apex One scan engine allows a local attacker to escalate privileges on affected installations.
Executive summary
A local privilege escalation vulnerability in the Trend Micro Apex One scan engine poses a significant risk to system integrity and administrative control.
Vulnerability
This is a link following vulnerability located within the Apex One scan engine. An authenticated local attacker can leverage this flaw to gain elevated privileges on the host system.
Business impact
Successful exploitation of this vulnerability allows a local user to bypass security controls and gain administrative access to the host. Given the CVSS score of 7.8, this represents a High risk, as it could lead to full system compromise, unauthorized data access, and the potential deployment of secondary malicious payloads within the enterprise environment.
Remediation
Immediate Action: Consult the official Trend Micro security advisory to identify and apply the necessary patches or configuration updates.
Proactive Monitoring: Monitor system logs for unusual process execution patterns or unauthorized attempts to access protected system files by non-privileged accounts.
Compensating Controls: Ensure that local users operate with the principle of least privilege and restrict access to the underlying OS where the Apex One scan engine resides.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability presents a high risk to endpoint security. Organizations should prioritize identifying affected instances and applying vendor-supplied updates immediately to mitigate the risk of local privilege escalation.