Volerion logoVolerion
Volerion logoVolerion

Trend Micro Apex Central Unrestricted File Upload Vulnerability

Vulnerability

A vulnerability allowing unrestricted file uploads has been identified in Trend Micro Apex Central widgets prior to version 8.0.6955. This flaw arises from inadequate validation of user-supplied data, enabling attackers to upload arbitrary files on affected installations. Authentication is required to exploit this vulnerability. The issue is present in the on-premise version of Apex Central 2019, as well as the SaaS version before the March 2025 maintenance release.

Impact

Successful exploitation of this vulnerability could allow an attacker to upload arbitrary files, potentially leading to code execution on the affected system.

Remediation

Trend Micro has released a critical patch for the on-premise version of Apex Central. This patch is available as build 6955. For the SaaS version, the March 2025 monthly maintenance release addresses this vulnerability.

Added: Jun 17, 2025, 6:21 PM
Updated: Jun 17, 2025, 9:20 PM

Vulnerability Rating

Custom Algorithm
spread
2.6
impact
0.6
exploitability
4.9
remediation
7.7
relevance
0.2
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.