CVE-2025-69258 PUBLISHED

Assigner: trendmicro
Reserved: 30.12.2025 Published: 08.01.2026 Updated: 09.01.2026

A LoadLibraryEX vulnerability in Trend Micro Apex Central could allow an unauthenticated remote attacker to load an attacker-controlled DLL into a key executable, leading to execution of attacker-supplied code under the context of SYSTEM on affected installations.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 9.8

Attack Vector	Network	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	Trend Micro, Inc.
Product	Trend Micro Apex Central
Versions	affected from 2019 (14.0) to Build 7190 (excl.)

References

https://success.trendmicro.com/en-US/solution/KA-0022071
https://success.trendmicro.com/ja-JP/solution/KA-0022081
https://www.tenable.com/security/research/tra-2026-01

CVE-2025-69258 PUBLISHED

Metrics

Product Status

References

Problem Types