
Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform.
Apex One is an endpoint security platform designed to automatically detect and respond to threats, including malicious tools, malware, and vulnerabilities.
This critical security flaw (tracked as CVE-2025-54948 and CVE-2025-54987 depending on the CPU architecture) is due to a command injection weakness in the Apex One Management Console (on-premise) that allows pre-authenticated attackers to execute arbitrary code remotely on systems running unpatched software.
Trend Micro has yet to issue security updates to patch this actively exploited vulnerability, but it has released a mitigation tool that provides short-term mitigation against exploitation attempts.
The Japanese CERT also issued an alert regarding the active exploitation of the two flaws, urging users to mitigate them as soon as possible.
“While it will fully protect against known exploits, it will disable the ability for administrators to utilize the Remote Install Agent function to deploy agents from the Trend Micro Apex One Management Console,” the company explained in a Tuesday advisory.
“Trend Micro has observed at least one instance of an attempt to actively exploit one of these vulnerabilities in the wild.”
Security patches coming mid-August
The company said it will release a patch around the middle of August 2025, which will also restore the Remote Install Agent functionality disabled by the mitigation tool.
Until a security patch is available, Trend Micro urged administrators to promptly secure vulnerable endpoints, even if this means temporarily losing remote management capabilities.
“For this particular vulnerability, an attacker must have access to the Trend Micro Apex One Management Console, so customers that have their console’s IP address exposed externally should consider mitigating factors such as source restrictions if not already applied,” it added.
“However, even though an exploit may require several specific conditions to be met, Trend Micro strongly encourages customers to update to the latest builds as soon as possible.”
Trend Micro has patched two other Apex One zero-day vulnerabilities, one of them exploited in the wild in September 2022 (CVE-2022-40139) and another in September 2023 (CVE-2023-41179).
Earlier this month, the company also addressed multiple critical-severity remote code execution and authentication bypass flaws in its Apex Central and Endpoint Encryption (TMEE) PolicyServer products.

