Security Flaws Threaten PCs Using Trend Micro Apex Central and Deep Security Agent

Recent vulnerabilities have been identified in Trend Micro's IT security solutions, Apex Central and Deep Security Agent, which could potentially expose Windows PCs to cyberattacks. Administrators are urged to apply the latest security patches without delay, as currently, there have been no reports of successful attacks exploiting these vulnerabilities.

According to security alerts, Apex Central is susceptible to three vulnerabilities (CVE-2025-30678, CVE-2025-30679, and CVE-2025-30680) categorized as medium to high risk. These vulnerabilities can be exploited through Server-side Request Forgery (SSRF) attacks, which allow unauthorized access to internal resources via specially crafted requests. However, details on the specific nature of the data at risk have not been disclosed by the developers.

The developers have confirmed that the vulnerabilities in Apex Central (on-premises version 6955) and Apex Central (SaaS) from the March 2025 Monthly Maintenance Release have been addressed.

Additionally, the Deep Security Agent, in version 20.0, is vulnerable due to three identified weaknesses (CVE-2025-30640, CVE-2025-30641, and CVE-2025-30642), which are classified as medium to high risk. It should be noted that for these attacks to succeed, an attacker must already possess low-level access to the target system. If this condition is met, they could escalate their privileges or trigger denial-of-service (DoS) conditions.

As of now, there are no indications of active exploitation of these vulnerabilities. However, system administrators are advised not to delay in installing the secured update version 20.0.1-25770.

This situation highlights the critical importance of maintaining up-to-date security measures within IT infrastructures to prevent potential breaches and data loss.