CVE-2025-34291 & CVE-2023-41179: CISA Warns of Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) catalog, signaling a heighted threat level for organizations utilizing Langflow and Trend Micro Apex One. According to The Hacker News, these additions come after evidence emerged that threat actors are actively leveraging these flaws in the wild. For defenders, inclusion in the KEV catalog is a definitive signal that the window for testing is closed and immediate remediation is required.

Technical Analysis: CVE-2025-34291 in Langflow

The most severe of the new additions is CVE-2025-34291, which carries a CVSS score of 9.4. This CVE involves an origin validation error within Langflow, an open-source UI for LangChain designed to build multi-agent AI applications. The vulnerability stems from insufficient checks on incoming requests, which could allow an attacker to bypass security controls. In the context of AI orchestration tools, such flaws often lead to unauthorized RCE, as these platforms frequently handle sensitive API keys and internal data connections.

How to detect CVE-2025-34291 exploit in AI Frameworks

Security teams should monitor network traffic for anomalous requests originating from untrusted domains targeting the Langflow API. Since this is an origin validation issue, logs may show requests with manipulated ‘Origin’ or ‘Host’ headers. Defending these environments requires a Zero Trust approach where every interaction between the AI orchestration layer and internal databases is authenticated and validated. Security researchers recommend reviewing Langflow logs for any unexpected administrative actions or changes to agentic workflows that were not initiated by authorized users. Implementing Langflow 1.0.0 security patch guidance by upgrading to the latest stable version is the primary defense against this TTP.

Technical Analysis: CVE-2023-41179 in Trend Micro Apex One

The second vulnerability, CVE-2023-41179, affects Trend Micro Apex One and Apex One SaaS. This flaw has a CVSS score of 9.1 and resides in a third-party uninstaller component bundled with the software. The vulnerability allows for unrestricted file upload, which can be leveraged to achieve arbitrary code execution.

While the exploit requires an attacker to possess administrative credentials, the risk remains significant. Administrative credentials are a frequent target of Phishing and credential stuffing. Once an attacker gains access, they can use this vulnerability for Lateral Movement or to disable security software entirely. This is particularly dangerous because Apex One is an EDR and endpoint security solution; compromising it effectively blinds the SOC to further malicious activity on the host.

Trend Micro Apex One vulnerability mitigation steps

To address this risk, administrators must apply the specific service packs and patches released by Trend Micro. Mitigation involves ensuring that the uninstaller component is updated to a version that properly validates file uploads. Beyond patching, organizations should implement strict Privilege Escalation monitoring. If an attacker is attempting to use this CVE, your SIEM may trigger alerts on the execution of the uninstaller process (frequently named MsiExec.exe or similar) by accounts that do not typically perform maintenance tasks.

Strategic Recommendations for Defenders

CISA has mandated that Federal Civilian Executive Branch (FCEB) agencies patch these vulnerabilities by June 12, 2025. Private sector organizations should follow a similar timeline. The exploitation of security tools and AI frameworks represents a shift in attacker focus toward the infrastructure that manages both security and data processing.

Defenders should prioritize the following actions:

• Identify all instances of Langflow, especially those exposed to the internet, and update to version 1.0.0 or later.
• Audit Trend Micro Apex One installations to ensure the uninstaller component patch has been successfully deployed across the fleet.
• Review IoC data provided by vendors to search for signs of historical compromise prior to patching.
• Update MITRE ATT&CK mapping to include these specific exploits, focusing on ‘Exploitation for Privilege Escalation’ and ‘Exploitation of Remote Services’.