{"id":11271,"date":"2026-02-27T11:38:29","date_gmt":"2026-02-27T17:38:29","guid":{"rendered":"https:\/\/beaconlab.us\/?post_type=publicacion&#038;p=11271"},"modified":"2026-02-27T11:38:30","modified_gmt":"2026-02-27T17:38:30","slug":"alerta-2026-17-multiples-vulnerabilidades-en-apex-one","status":"publish","type":"publicacion","link":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-17-multiples-vulnerabilidades-en-apex-one\/","title":{"rendered":"Alerta 2026-17 Multiples Vulnerabilidades en Apex One"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Producto(s) afectado(s):&nbsp;<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Tren Micro Apex One<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Descripci\u00f3n<\/h2>\n\n\n\n<p>Trend&nbsp;Micro ha parcheado dos vulnerabilidades cr\u00edticas de&nbsp;Apex&nbsp;One&nbsp;que permiten a los atacantes&nbsp;sin privilegios&nbsp;obtener ejecuci\u00f3n remota de c\u00f3digo (RCE) en sistemas Windows vulnerables.&nbsp;<\/p>\n\n\n\n<p>Ambas vulnerabilidades afectan a la consola de administraci\u00f3n de&nbsp;Trend&nbsp;Micro&nbsp;Apex&nbsp;One&nbsp;y podr\u00edan permitir que un atacante remoto&nbsp;sin privilegios&nbsp;cargue c\u00f3digo malicioso y ejecute comandos en las instalaciones afectadas.&nbsp;<\/p>\n\n\n\n<p>CVE-2025-71210&nbsp;(CVSS 9.8)&nbsp;es&nbsp;una debilidad en la ruta de acceso en la consola de administraci\u00f3n de&nbsp;Trend&nbsp;Micro&nbsp;Apex&nbsp;One, que permite a atacantes sin privilegios ejecutar c\u00f3digo malicioso en sistemas sin parches.&nbsp;CVE-2025-71211 es otra vulnerabilidad de&nbsp;en la&nbsp;consola de administraci\u00f3n de&nbsp;Apex&nbsp;One, similar en alcance a CVE-2025-71210&nbsp;(CVSS 9.8) pero que afecta a un ejecutable diferente.&nbsp;<\/p>\n\n\n\n<p class=\"has-text-align-left\">La explotaci\u00f3n exitosa requiere que los atacantes&nbsp;tengan acceso a la consola de administraci\u00f3n&nbsp;Trend&nbsp;Micro&nbsp;Apex&nbsp;One,&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Mitigaciones y soluciones<\/h2>\n\n\n\n<p>Los usuarios afectados deben&nbsp;realizar las siguientes acciones:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Aplicar restricciones de IP de origen\u00a0<\/li>\n\n\n\n<li>Descargar las actualizaciones\u00a0del Centro de descargas de Trend Micro<\/li>\n\n\n\n<li>Revisar politicas de acceso remoto\u00a0<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Informaci\u00f3n adicional:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/trend-micro-warns-of-critical-apex-one-rce-vulnerabilities\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.bleepingcomputer.com\/news\/security\/trend-micro-warns-of-critical-apex-one-rce-vulnerabilities\/<\/a>\u00a0<\/li>\n\n\n\n<li><a href=\"https:\/\/securityaffairs.com\/188572\/security\/trend-micro-fixes-two-critical-flaws-in-apex-one.html\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/securityaffairs.com\/188572\/security\/trend-micro-fixes-two-critical-flaws-in-apex-one.html<\/a>\u00a0<\/li>\n\n\n\n<li>https:\/\/cyberpress.org\/critical-trend-micro-apex-one-flaws\/<\/li>\n<\/ul>\n","protected":false},"featured_media":0,"template":"","class_list":["post-11271","publicacion","type-publicacion","status-publish","hentry"],"acf":{"activar_pdf_link":false,"pdf":null,"numero_de_boletin":"","traffic_light_protocol":"Amber"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11271","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion"}],"about":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/types\/publicacion"}],"version-history":[{"count":1,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11271\/revisions"}],"predecessor-version":[{"id":11272,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11271\/revisions\/11272"}],"wp:attachment":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media?parent=11271"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}