Japanese cybersecurity software program firm Development Micro has addressed a zero-day vulnerability in Apex One which was exploited in assaults focusing on Home windows techniques.
Apex One is Development Micro’s enterprise-grade endpoint safety platform that protects company networks from a variety of safety threats, together with malware, ransomware, fileless assaults, and web-based threats.
This vulnerability, tracked as CVE-2026-34926, permits a neighborhood attacker with administrative privileges to inject malicious code because of a listing traversal vulnerability in Apex One (on-premises) servers.
“A listing traversal vulnerability in Apex One (on-premises) servers might permit a pre-authenticated, native attacker to switch the important thing desk on the server and inject malicious code that could possibly be deployed to brokers on affected installations,” Development Micro mentioned Thursday.
“This vulnerability is just exploitable in on-premises variations of Apex One, and to use this vulnerability, a possible attacker would want entry to the Apex One server and have already got administrative credentials for the server via another means.”
Nonetheless, regardless of the stringent necessities for profitable exploitation, the corporate warned that “TrendAI has noticed at the very least one try to use this vulnerability within the wild.”
Federal businesses ordered to use patches inside three weeks
Yesterday, the U.S. Cybersecurity and Infrastructure Safety Company (CISA) additionally added CVE-2026-34926 to its checklist of actively exploited vulnerabilities and ordered federal businesses to patch their units by June 4th.
“All these vulnerabilities are a frequent assault vector by malicious cyber attackers and pose important dangers to federal enterprises,” CISA warned. “Apply mitigations as directed by the seller and observe the BOD 22-01 steerage relevant to your cloud service, or discontinue use of the product if mitigations usually are not obtainable.”
Development Micro additionally launched a safety replace Thursday that addresses seven native privilege escalation vulnerabilities in its Apex One Commonplace Endpoint Safety (SEP) agent. This vulnerability could possibly be exploited if an attacker has permission to execute low-privileged code on the goal system.
Menace actors have steadily focused Development Micro Apex One flaws over the previous few years, many with zero-day assaults.
For instance, Development Micro warned about an Apex One RCE bug (CVE-2025-54948) that was actively exploited in August 2025, and two different Apex One zero-days that have been actively exploited in September 2022 (CVE-2022-40139) and September 2023 (CVE-2023-41179). Addressed a bug.
CISA is at present monitoring 12 Development Micro Apex vulnerabilities which were or are at present being exploited in assaults.
Automated penetration testing instruments supply actual worth, however they have been constructed to reply one query: Can an attacker get via your community? They don’t seem to be constructed to check whether or not controls block threats, detection guidelines fireplace, or cloud configurations are preserved.
This information describes six surfaces that you need to really look at.
Obtain now
