Trend Micro cautions against actively exploited Apex One RCE vulnerability
The firm also patched a high severity security flaw that lets perpetrators bypass authentication

Trend Micro has alerted its customers to an actively exploited Apex One security vulnerability, codenamed CVE-2022-40139.
An endpoint security platform, Apex One by Trend Micro provides businesses with automated threat detection and response against malware and malicious tools.
The recently identified security flaw in the platform allows for remote execution of arbitrary code on systems running unpatched software, the company warned.
"Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code execution.”
However, despite the severity of the threat, Trend Micro noted that threat actors must still obtain access to the Apex One server administration console for an exploit to be successful.
"Trend Micro has observed at least one active attempt of potential exploitation of this vulnerability in the wild. Customers are strongly encouraged to update to the latest versions as soon as possible," the company added.
Apex One users are advised to update their installation to the latest version, Apex One Service Pack 1 (Server Build 11092 and Agent Build 11088) to safeguard their systems.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Trend Micro also patched another high severity vulnerability in the Apex One product, tracked as CVE-2022-40144. The security flaw allowed potential intruders to falsify request parameters to bypass authentication.
-
The Scattered Spider ransomware group is infiltrating Slack and Microsoft Teams to target vulnerable employees
News The group is using new ransomware variants and new social engineering techniques - including sneaking into corporate teleconferences
-
Acer’s laptop made from oyster shells is now available in the UK
News The Acer Aspire Vero 16 aims to combine performance and sustainability, the company said
-
Industry welcomes the NCSC’s new Vulnerability Research Initiative – but does it go far enough?
News The cybersecurity agency will work with external researchers to uncover potential security holes in hardware and software
-
Hackers are targeting Ivanti VPN users again – here’s what you need to know
News Ivanti has re-patched a security flaw in its Connect Secure VPN appliances that's been exploited by a China-linked espionage group since at least the middle of March.
-
Broadcom issues urgent alert over three VMware zero-days
News The firm says it has information to suggest all three are being exploited in the wild
-
Nakivo backup flaw still present on some systems months after firms’ ‘silent patch’, researchers claim
News Over 200 vulnerable Nakivo backup instances have been identified months after the firm silently patched a security flaw.
-
Everything you need to know about the Microsoft Power Pages vulnerability
News A severe Microsoft Power Pages vulnerability has been fixed after cyber criminals were found to have been exploiting unpatched systems in the wild.
-
Vulnerability management complexity is leaving enterprises at serious risk
News Fragmented data and siloed processes mean remediation is taking too long
-
A critical Ivanti flaw is being exploited in the wild – here’s what you need to know
News Cyber criminals are actively exploiting a critical RCE flaw affecting Ivanti Connect Secure appliances
-
Researchers claim an AMD security flaw could let hackers access encrypted data
News Using only a $10 test rig, researchers were able to pull off the badRAM attack