{"id":175845,"date":"2026-01-09T05:01:00","date_gmt":"2026-01-09T10:01:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/09\/trend-micro-apex-central-rce-flaw-scores-9-8-cvss-in-on-prem-windows-versions\/"},"modified":"2026-01-09T05:10:11","modified_gmt":"2026-01-09T10:10:11","slug":"trend-micro-apex-central-rce-flaw-scores-9-8-cvss-in-on-prem-windows-versions","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/01\/09\/trend-micro-apex-central-rce-flaw-scores-9-8-cvss-in-on-prem-windows-versions\/","title":{"rendered":"Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions"},"content":{"rendered":"

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions<\/a><\/p>\n

https:\/\/thehackernews.com\/2026\/01\/trend-micro-apex-central-rce-flaw.html<\/a><\/p>\n

Publish Date: 2026-01-09 05:01:00<\/a><\/p>\n

Source Domain: thehackernews.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points.
\n\ue802Jan 09, 2026\ue804Ravie LakshmananVulnerability \/ Endpoint Security
\nTrend Micro has released security updates to address multiple security vulnerabilities impacting on-premise versions of Apex Central for Windows, including a critical bug that could result in arbitrary code execution.
\nThe vulnerability, tracked as CVE-2025-69258, carries a CVSS score of 9.8 out of a maximum of 10.0. The vulnerability has been described as a case of remote code execution affecting LoadLibraryEX.
\n“A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations,” the cybersecurity company said.
\nAlso patched by Trend Micro are two other flaws –<\/p>\n

CVE-2025-69259 (CVSS score: 7.5) – A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations
\nCVE-2025-69260 (CVSS score: 7.5) – A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote, unauthenticated attacker to create a denial-of-service condition on affected installations<\/p>\n

Tenable, which is credited with identifying and reporting all three flaws in August 2025, said an attacker can exploit CVE-2025-69258 by sending a message “0x0a8d” (“SC_INSTALL_HANDLER_REQUEST”) to the MsgReceiver.exe component, causing a DLL under their control to be loaded into the binary, resulting in code execution with elevated privileges.
\nSimilarly, CVE-2025-69259 and CVE-2025-69260 can also be triggered by sending a specially crafted message “0x1b5b” (“SC_CMD_CGI_LOG_REQUEST”) to the MsgReceiver.exe process, which listens on the default TCP port 20001.
\nThe issues impact Apex Central on-premise versions below Build 7190. Trend Micro noted that successful exploitation hinges on an attacker already having physical or remote access to a vulnerable endpoint.
\n“In addition to timely application of patches and updated solutions, customers are also advised to review remote access to critical systems and ensure policies and perimeter security are up-to-date,” it added.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions https:\/\/thehackernews.com\/2026\/01\/trend-micro-apex-central-rce-flaw.html Publish…<\/p>\n","protected":false},"author":1,"featured_media":175846,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh0g-pVmmuKjF27CaQySVEJl4oMN20t271uPWVmcHbp8d_gF6yHehH-MvQAsQJ6H6-S9POiKFiUQUfjBIpbgQ8pP8ERTQK-tVtNAhrhTE8qWaNW8wAnE26o8eDpZrWHzsLdktcyS9Wrei5cx2FYVhnbJkUuWss7SSP2khMfwODaOWBxXnR5OsUvsZlBuToN\/s790-rw-e365\/trendmicro.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,31,27],"class_list":["post-175845","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175845"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=175845"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175845\/revisions"}],"predecessor-version":[{"id":175847,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/175845\/revisions\/175847"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/175846"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=175845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=175845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=175845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}