JPCERT-AT-2026-0014
JPCERT/CC
2026-05-21
If these vulnerabilities are exploited, an authenticated attacker may be able to tamper with arbitrary files on the server, potentially allowing crafted code to be distributed to the security agent, or escalate privileges.
Trend Micro Incorporated has reported that attacks exploiting the relative path traversal vulnerability in TrendAI Apex One(On Premise) (CVE-2026-34926) have been observed in the wild.Since one of the vulnerabilities has already been exploited in the wild, the users of the affected products are recommended to update the affected system to the latest version as soon as possible.Please refer to the information provided by Trend Micro.
Trend Micro Incorporated
ITW SECURITY BULLETIN: Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin (Text in Japanese)
https://success.trendmicro.com/ja-JP/solution/KA-0022974
- TrendAI Apex One (On Premise)
- Trend Micro Apex One as a Service
- TrendAI Vision One Endpoint Security - Standard Endpoint Protection
According to Trend Micro, the only product that could be vulnerable to the exploitation of the relative path traversal vulnerability(CVE-2026-34926) is TrendAI Apex One (On Premise).
TrendAI Apex One (On Premise)
- Apply the patch to the server and security agent.
Trend Micro Apex One as a Service and TrendAI Vision One Endpoint Security - Standard Endpoint Protection
- Apply the patch to the security agent. Since these products are cloud services, the server-side vulnerabilities were already fixed during the April 2026 maintenance.
Japan Vulnerability Notes JVNVU#90583059
Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026)
https://jvn.jp/en/vu/JVNVU90583059
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (Cyber Security Coordination Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/
JPCERT/CC
2026-05-21
I. Overview
On May 21, 2026, Trend Micro has released the information regarding multiple vulnerabilities in TrendAI Apex One (On Premise), Trend Micro Apex One as a Service, TrendAI Vision One Endpoint Security - Standard Endpoint Protection.If these vulnerabilities are exploited, an authenticated attacker may be able to tamper with arbitrary files on the server, potentially allowing crafted code to be distributed to the security agent, or escalate privileges.
Trend Micro Incorporated has reported that attacks exploiting the relative path traversal vulnerability in TrendAI Apex One(On Premise) (CVE-2026-34926) have been observed in the wild.Since one of the vulnerabilities has already been exploited in the wild, the users of the affected products are recommended to update the affected system to the latest version as soon as possible.Please refer to the information provided by Trend Micro.
Trend Micro Incorporated
ITW SECURITY BULLETIN: Apex One and Vision One – Standard Endpoint Protection (SEP) May 2026 Security Bulletin (Text in Japanese)
https://success.trendmicro.com/ja-JP/solution/KA-0022974
II. Affected Products
Affected products are as follows:- TrendAI Apex One (On Premise)
- Trend Micro Apex One as a Service
- TrendAI Vision One Endpoint Security - Standard Endpoint Protection
According to Trend Micro, the only product that could be vulnerable to the exploitation of the relative path traversal vulnerability(CVE-2026-34926) is TrendAI Apex One (On Premise).
III. Solution
Please consider applying the appropriate patch according to the information provided by Trend Micro. Trend Micro has released the patches listed below that address the vulnerabilities.TrendAI Apex One (On Premise)
- Apply the patch to the server and security agent.
Trend Micro Apex One as a Service and TrendAI Vision One Endpoint Security - Standard Endpoint Protection
- Apply the patch to the security agent. Since these products are cloud services, the server-side vulnerabilities were already fixed during the April 2026 maintenance.
IV. References
Japan Vulnerability Notes JVNVU#90583059
Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026)
https://jvn.jp/en/vu/JVNVU90583059
If you have any information regarding this alert, please contact JPCERT/CC.
JPCERT Coordination Center (Cyber Security Coordination Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/
