Aug 06, 2025Ravie LakshmananVulnerability / Endpoint Safety
Pattern Micro has launched mitigations to handle vital safety flaws in on-premise variations of Apex One Administration Console that it mentioned have been exploited within the wild.
The vulnerabilities (CVE-2025-54948 and CVE-2025-54987), each rated 9.4 on the CVSS scoring system, have been described as administration console command injection and distant code execution flaws.
“A vulnerability in Pattern Micro Apex One (on-premise) administration console might permit a pre-authenticated distant attacker to add malicious code and execute instructions on affected installations,” the cybersecurity firm mentioned in a Tuesday advisory.
Whereas each shortcomings are basically the identical, CVE-2025-54987 targets a unique CPU structure. The Pattern Micro Incident Response (IR) Group and Jacky Hsieh at CoreCloud Tech have been credited with reporting the 2 flaws.
There are at the moment no particulars on how the problems are being exploited in real-world assaults. Pattern Micro mentioned it “noticed at the least one occasion of an try to actively exploit certainly one of these vulnerabilities within the wild.”
Mitigations for Pattern Micro Apex One as a Service have already been deployed as of July 31, 2025. A brief-term answer for on-premise variations is offered within the type of a repair device. A proper patch for the vulnerabilities is anticipated to be launched in mid-August 2025.
Nonetheless, Pattern Micro identified that whereas the device totally protects towards recognized exploits, it would disable the power for directors to make the most of the Distant Set up Agent operate to deploy brokers from the Pattern Micro Apex One Administration Console. It emphasised that different agent set up strategies, reminiscent of UNC path or agent package deal, are unaffected.
“Exploiting these sort of vulnerabilities typically require that an attacker has entry (bodily or distant) to a susceptible machine,” the corporate mentioned. “Along with well timed utility of patches and up to date options, clients are additionally suggested to evaluate distant entry to vital programs and guarantee insurance policies and perimeter safety is up-to-date.”
