Description
An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.

Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Published: 2026-05-21
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

An origin validation error in Trend Micro Apex One permits a local attacker to elevate privileges on affected installations. The flaw arises when the software fails to properly validate the origin of certain inputs, allowing malicious content to be accepted without verification. The result is a potential privilege escalation that could enable the attacker to run higher‑privileged code or access sensitive resources.

Affected Systems

Trend Micro Apex One, including the on‑premises version (14.0.0.14136) and the SaaS edition (14.0.0.20315).

Risk and Exploitability

The CVSS score of 7.8 indicates a high severity, while the EPSS score is not available and the vulnerability is not listed in CISA KEV. A local code execution capability is required as prerequisite; thus the likely attack vector is a local one. Once the attacker obtains low‑privileged code execution, exploiting the missing origin validation can raise his privileges, potentially exposing the entire system to further compromise. The absence of a publicly disclosed exploit does not preclude use by advanced adversaries leveraging the local execution step.

Generated by OpenCVE AI on May 21, 2026 at 14:41 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest vendor patch or upgrade Trend Micro Apex One to a version that fixes the origin validation error.
  • Implement least‑privilege controls for local accounts, disabling or restricting any unnecessary local service accounts that could be used to execute code.
  • Monitor system logs for anomalous local code execution events that may indicate an attempt to exploit the origin validation flaw.

Generated by OpenCVE AI on May 21, 2026 at 14:41 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 21 May 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 21 May 2026 13:45:00 +0000

Type Values Removed Values Added
Description An origin validation error vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
First Time appeared Trendmicro
Trendmicro apexone Op
Trendmicro apexone Saas
Weaknesses CWE-346
CPEs cpe:2.3:a:trendmicro:apexone_op:14.0.0.14136:*:*:*:*:*:*:*
cpe:2.3:a:trendmicro:apexone_saas:14.0.0.20315:*:*:*:*:*:*:*
Vendors & Products Trendmicro
Trendmicro apexone Op
Trendmicro apexone Saas
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Trendmicro Apexone Op Apexone Saas
cve-icon MITRE

Status: PUBLISHED

Assigner: trendmicro

Published:

Updated: 2026-05-21T13:48:57.313Z

Reserved: 2026-02-11T16:33:44.102Z

Link: CVE-2025-71213

cve-icon Vulnrichment

Updated: 2026-05-21T13:48:45.545Z

cve-icon NVD

Status : Undergoing Analysis

Published: 2026-05-21T14:16:43.897

Modified: 2026-05-21T15:05:28.023

Link: CVE-2025-71213

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-21T14:45:12Z

Weaknesses