20260109-bleepingcomputer.com-2df2f

< Back to index

Trend Micro warns of critical Apex Central RCE vulnerability

Published:

9 January 2026 at 10:40:26

Alert date:

9 January 2026 at 11:00:52

Source:

bleepingcomputer.com

Security Tools, Enterprise Applications, Zero-Day Vulnerabilities

Trend Micro has patched a critical security vulnerability in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. This represents a high-severity remote code execution flaw in the cybersecurity company's enterprise security management platform. The vulnerability poses significant risk as it grants attackers the highest level of system access if exploited. Organizations using Trend Micro Apex Central should prioritize applying the security patch immediately.

Technical details

LoadLibraryEX vulnerability in Trend Micro Apex Central allows unauthenticated remote attackers to load attacker-controlled DLL into key executable. Attackers can send specially crafted message to MsgReceiver.exe process listening on TCP port 20001, leading to execution of attacker-supplied code with SYSTEM privileges. The vulnerability enables malicious DLL injection in low-complexity attacks without user interaction.

Mitigation steps:

Apply Critical Patch Build 7190 immediately. Review remote access to critical systems. Ensure policies and perimeter security are up-to-date. Update to latest builds as soon as possible.

Affected products:

Trend Micro Apex Central (on-premise)