[VULNERABILITY ALERT] Trend Micro Apex Central Contains a Critical Security Vulnerability (CVE-2025-69258)

POSTING DATE: 2026/01/14

Subject: [VULNERABILITY ALERT] Trend Micro Apex Central Contains a Critical Security Vulnerability (CVE-2025-69258)

Content Description:
- Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202601-00000005
- Trend Micro Apex Central is a centralized management platform under Trend Micro used to manage various Trend Micro security solutions, including gateways, mail servers, file servers, and corporate desktops. Recently, a critical security vulnerability announcement was released, stating that this vulnerability (CVE-2025-69258, CVSS: 9.8) is a security weakness in the LoadLibraryEX function used by Trend Micro Apex Central. Unauthenticated remote attackers can load malicious DLLs they control into key executable files in the system and execute the attacker's code with SYSTEM privileges.
Affected Platforms:
- Apex Central (on-premise) versions prior to 7190 (exclusive)
Recommended Actions:
- Please go to the official website to apply the patch: https://success.trendmicro.com/en-US/solution/KA-0022071
Reference Material:
1. https://www.twcert.org.tw/tw/cp-169-10619-c1e07-1.html

Computer and Communication Center
Network Systems Division, Respectfully