On January 7, 2026, Trend Micro released a critical patch for Apex Central on-premises versions below Build 7190, addressing multiple vulnerabilities. The most severe of the vulnerabilities disclosed is CVE-2025-69258, a critical severity vulnerability, which allows unauthenticated threat actors to load malicious DLLs and execute arbitrary code as SYSTEM without user interaction. The advisory also includes two medium-severity denial-of-service vulnerabilities, CVE-2025-69259 and CVE-2025-69260.
Tenable researchers disclosed these flaws alongside proof-of-concept (PoC) exploits and technical details on January 7, 2026, with no confirmed in-the-wild exploitation as of January 9. However, threat actors have historically exploited vulnerabilities in Apex One and are likely to leverage the PoC exploit code. Organizations using an affected Apex Central version should prioritize upgrading to a fixed build as soon as possible, while restricting network access to management servers on the public internet and monitoring port 20001.
Recommendations for CVE-2025-69258:
Upgrade to Latest Fixed Version
Arctic Wolf strongly recommends that customers upgrade to the latest fixed version. A download link is available for the latest versions on the Trend Micro Software Download Center.
| Product | Affected Version | Fixed Version |
| Apex Central (on-premises) | Versions below Build 7190 | Build 7190 and above |
Please follow your organization’s patching and testing guidelines to minimize potential operational impact.
Restrict Access to Management Servers
Restrict direct internet access to the Apex Central server by placing it within a dedicated VLAN or DMZ, ensuring that only essential inbound ports are open. Within Apex Central, apply role-based access control (RBAC) to limit administrative logins.
Since the MsgReceiver.exe application uses port 20001 by default, restrict access to this port and other standard ports used by Apex Central on the public internet and actively monitor for any unauthorized connection attempts against the service.
References
