Development Micro is urging customers of the on-premises model of its Apex One endpoint safety resolution to put in updates that patch two zero-day vulnerabilities.
An advisory printed by the safety agency on Tuesday warns prospects that two important vulnerabilities tracked as CVE-2025-54948 and CVE-2025-54987 have been exploited within the wild in at the very least one occasion.
The safety holes, described as OS command injection points, affect the Apex One administration console and they are often exploited by a distant, unauthenticated attacker to add malicious code and execute instructions on impacted installations.
CVE-2025-54987 is described as “primarily the identical as CVE-2025-54948” however affecting a special CPU structure.
“For this explicit vulnerability, an attacker will need to have entry to the Development Micro Apex One Administration Console, so prospects which have their console’s IP handle uncovered externally ought to take into account mitigating components resembling supply restrictions if not already utilized,” Development Micro informed prospects.
In keeping with advisories printed by ZDI, the vulnerabilities have been reported to Development Micro on August 1 and it appears the corporate rushed to patch them.
No info has been shared on the zero-day assaults exploiting CVE-2025-54948 and/or CVE-2025-54987, however Chinese language cyberspies have been recognized to focus on Development Micro product vulnerabilities.
Jacky Hsieh of Taiwan-based cybersecurity firm CoreCloud Tech has been credited for reporting the vulnerabilities. Contemplating that Taiwan is commonly a goal of Chinese language APT assaults, this implies that Chinese language risk actors could also be behind the newest Development Micro zero-day exploitation. Commercial. Scroll to proceed studying.
It’s not unusual for risk actors to focus on Development Micro product vulnerabilities of their assaults. CISA’s Recognized Exploited Vulnerabilities (KEV) catalog reveals that ten Development Micro flaws have been exploited within the wild since 2018.
Associated: ESET Vulnerability Exploited for Stealthy Malware Execution
Associated: Important Vulnerabilities Patched in Development Micro Apex Central, Endpoint Encryption
Associated: Development Micro Patches One other Apex One Vulnerability Exploited in Assaults
