Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

Posted on By CWS

Jan 09, 2026Ravie LakshmananVulnerability / Endpoint Safety
Pattern Micro has launched safety updates to deal with a number of safety vulnerabilities impacting on-premise variations of Apex Central for Home windows, together with a crucial bug that would lead to arbitrary code execution.
The vulnerability, tracked as CVE-2025-69258, carries a CVSS rating of 9.8 out of a most of 10.0. The vulnerability has been described as a case of distant code execution affecting LoadLibraryEX.
“A LoadLibraryEX vulnerability in Pattern Micro Apex Central might permit an unauthenticated distant attacker to load an attacker-controlled DLL right into a key executable, resulting in execution of attacker-supplied code beneath the context of SYSTEM on affected installations,” the cybersecurity firm stated.
Additionally patched by Pattern Micro are two different flaws –

CVE-2025-69259 (CVSS rating: 7.5) – A message unchecked NULL return worth vulnerability in Pattern Micro Apex Central might permit a distant, unauthenticated attacker to create a denial-of-service situation on affected installations
CVE-2025-69260 (CVSS rating: 7.5) – A message out-of-bounds learn vulnerability in Pattern Micro Apex Central might permit a distant, unauthenticated attacker to create a denial-of-service situation on affected installations

Tenable, which is credited with figuring out and reporting all three flaws in August 2025, stated an attacker can exploit CVE-2025-69258 by sending a message “0x0a8d” (“SC_INSTALL_HANDLER_REQUEST”) to the MsgReceiver.exe part, inflicting a DLL beneath their management to be loaded into the binary, leading to code execution with elevated privileges.
Equally, CVE-2025-69259 and CVE-2025-69260 will also be triggered by sending a specifically crafted message “0x1b5b” (“SC_CMD_CGI_LOG_REQUEST”) to the MsgReceiver.exe course of, which listens on the default TCP port 20001.
The problems impression Apex Central on-premise variations under Construct 7190. Pattern Micro famous that profitable exploitation hinges on an attacker already having bodily or distant entry to a weak endpoint.
“Along with well timed software of patches and up to date options, clients are additionally suggested to overview distant entry to crucial methods and guarantee insurance policies and perimeter safety are up-to-date,” it added.

The Hacker News Tags:, , , , , , , , , ,

Related Posts

Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited Microsoft Fixes 114 Windows Flaws in January 2026 Patch, One Actively Exploited The Hacker News
DoJ Dismantles IoT Botnets Behind Huge Global DDoS Attacks DoJ Dismantles IoT Botnets Behind Huge Global DDoS Attacks The Hacker News
Man-in-the-Middle Attack Prevention Guide Man-in-the-Middle Attack Prevention Guide The Hacker News
Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics The Hacker News
INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown The Hacker News
Digital Parasite Threats Redefine Cybersecurity in 2026 Digital Parasite Threats Redefine Cybersecurity in 2026 The Hacker News