{"id":11592,"date":"2026-07-08T11:21:49","date_gmt":"2026-07-08T17:21:49","guid":{"rendered":"https:\/\/beaconlab.us\/?post_type=publicacion&#038;p=11592"},"modified":"2026-07-08T11:21:50","modified_gmt":"2026-07-08T17:21:50","slug":"alerta-2026-68-vulnerabilidades-importantes-en-idira","status":"publish","type":"publicacion","link":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/","title":{"rendered":"Alerta 2026-68 Vulnerabilidades importantes en Idira"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Producto(s) afectado(s):&nbsp;<\/h2>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><td>Producto<\/td><td>Versiones afectadas<\/td><\/tr><\/thead><tbody><tr><td>EPM SaaS Windows Agent<\/td><td>Todas las versiones anteriores a 26.6<\/td><\/tr><tr><td>EPM SaaS Windows Agent<\/td><td>Todas las versiones anteriores a 26.6<\/td><\/tr><tr><td>Privileged Threat Analytics (PTA) \/ PAM Self\u2011Hosted<\/td><td>Todas las versiones anteriores a 15.2<\/td><\/tr><tr><td>Vault \/ Infra Self\u2011Hosted<\/td><td>Todas las versiones anteriores a 15.0.3 (inclusive)<\/td><\/tr><tr><td>Remote Control Client<\/td><td>Todas las versiones anteriores a 15.0.3 (inclusive)<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Descripci\u00f3n<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Se han reportado 5 vulnerabilidades importantes en&nbsp;Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente&nbsp;<strong>CA26\u201127<\/strong>&nbsp;tiene CVE p\u00fablico asignado:&nbsp;<strong>CVE\u20112026\u201122016<\/strong>&nbsp;(CVSS v4.0:&nbsp;<strong>8.7<\/strong>), correspondiente a una divulgaci\u00f3n de informaci\u00f3n en el componente de terceros Azul Zulu\/JAXP utilizado por Privileged Threat Analytics.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Dado que Idira es la plataforma que gestiona credenciales privilegiadas, sesiones cr\u00edticas y anal\u00edtica de amenazas en los entornos de sus clientes, estas vulnerabilidades deben tratarse como&nbsp;<strong>prioridad alta<\/strong>: un compromiso exitoso de cualquiera de estos componentes puede derivar en acceso no autorizado al Vault, escalada de privilegios en endpoints o interrupci\u00f3n del agente en dispositivos cr\u00edticos.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">A continuaci\u00f3n se detallan las vulnerabilidades publicadas:&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">CA26\u201124 \u2013 Escalada de privilegios en EPM Windows Agent (CVSS 8.4 \u2013 High)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impacto:<\/strong>&nbsp;Potencial escalada de privilegios no autorizada aprovechando los di\u00e1logos de Idira EPM.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Un usuario local en un endpoint podr\u00eda abusar de los cuadros de di\u00e1logo configurados en el agente EPM para elevar sus privilegios m\u00e1s all\u00e1 de lo que la pol\u00edtica deber\u00eda permitir. La falla afecta espec\u00edficamente a&nbsp;<strong>agentes con di\u00e1logos configurados<\/strong>. No hay mitigaci\u00f3n temporal disponible; la \u00fanica soluci\u00f3n es actualizar.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE:<\/strong>\u00a0N\/A (no publicado en repositorios externos)<\/li>\n\n\n\n<li><strong>Productos:<\/strong>\u00a0EPM SaaS Windows Agent<\/li>\n\n\n\n<li><strong>Versiones afectadas:<\/strong>\u00a0Todas las versiones anteriores a\u00a0<strong>26.6<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CA26\u201125 \u2013 DoS en EPM Windows Agent por manejo incorrecto de comunicaciones internas (High)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impacto:<\/strong>&nbsp;Potencial denegaci\u00f3n de servicio (DoS) en el agente por manejo incorrecto de las comunicaciones internas del agente.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Un atacante o proceso malicioso en el endpoint podr\u00eda provocar que el agente EPM deje de funcionar correctamente, interrumpiendo la aplicaci\u00f3n de pol\u00edticas de privilegio m\u00ednimo en el endpoint afectado. No hay mitigaci\u00f3n temporal disponible.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE:<\/strong>\u00a0N\/A<\/li>\n\n\n\n<li><strong>Productos:<\/strong>\u00a0EPM SaaS Windows Agent<\/li>\n\n\n\n<li><strong>Versiones afectadas:<\/strong>\u00a0Todas las versiones anteriores a\u00a0<strong>26.6<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CA26\u201127 \u2013 Divulgaci\u00f3n de informaci\u00f3n en Azul Zulu \/ JAXP en PTA (CVSS 8.7 \u2013 High)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impacto:<\/strong>&nbsp;Potencial divulgaci\u00f3n de informaci\u00f3n en el componente de terceros Azul Zulu (componente JAXP) utilizado por Privileged Threat Analytics (PTA).<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">La vulnerabilidad, identificada como&nbsp;<strong>CVE\u20112026\u201122016<\/strong>, reside en la librer\u00eda de terceros Azul Zulu (componente JAXP) integrada en PTA\/PAM Self\u2011Hosted. Podr\u00eda permitir a un atacante obtener informaci\u00f3n sensible a trav\u00e9s del componente de procesamiento XML. No hay mitigaci\u00f3n temporal; se debe actualizar.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE:<\/strong>\u00a0CVE\u20112026\u201122016<\/li>\n\n\n\n<li><strong>Productos:<\/strong>\u00a0Privileged Threat Analytics (PTA), Idira PAM Self\u2011Hosted<\/li>\n\n\n\n<li><strong>Versiones afectadas:<\/strong>\u00a0Todas las versiones anteriores a\u00a0<strong>15.2<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CA26\u201128 \u2013 Acceso no autorizado al Vault v\u00eda autenticaci\u00f3n RADIUS (CVSS 7.7 \u2013 High)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impacto:<\/strong>&nbsp;Potencial acceso no autorizado al Vault cuando se utiliza autenticaci\u00f3n RADIUS.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Una vulnerabilidad en el manejo del protocolo RADIUS en el componente Vault\/Infra Self\u2011Hosted podr\u00eda permitir a un atacante eludir los controles de autenticaci\u00f3n y acceder al Vault. Tras actualizar, puede ser necesaria una&nbsp;<strong>reconfiguraci\u00f3n adicional<\/strong>relacionada con mejoras de seguridad en el protocolo RADIUS; consultar el art\u00edculo FAQ dedicado en la comunidad t\u00e9cnica de Idira.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE:<\/strong>\u00a0N\/A<\/li>\n\n\n\n<li><strong>Productos:<\/strong>\u00a0Vault \/ Infra Self\u2011Hosted<\/li>\n\n\n\n<li><strong>Versiones afectadas:<\/strong>\u00a0Todas las versiones anteriores a\u00a0<strong>15.0.3 (inclusive)<\/strong><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">CA26\u201129 \u2013 Compromiso potencial del Vault v\u00eda Remote Control Client (CVSS 8.4 \u2013 High)<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Impacto:<\/strong>&nbsp;Potencial compromiso del Vault a trav\u00e9s del Remote Control Client.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">El Remote Control Client es una herramienta de administraci\u00f3n utilizada para automatizar tareas sobre el Vault y el DR Vault. La vulnerabilidad podr\u00eda permitir que un actor con acceso a este cliente ejecute acciones no autorizadas sobre el Vault. No hay mitigaci\u00f3n temporal disponible.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CVE:<\/strong>\u00a0N\/A<\/li>\n\n\n\n<li><strong>Productos:<\/strong>\u00a0Remote Control Client<\/li>\n\n\n\n<li><strong>Versiones afectadas:<\/strong>\u00a0Todas las versiones anteriores a\u00a0<strong>15.0.3 (inclusive)<\/strong><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Soluci\u00f3n:&nbsp;<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">El proveedor recomienda aplicar los parches correspondientes:&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table class=\"has-fixed-layout\"><thead><tr><td>Producto y versi\u00f3n instalada<\/td><td>Versi\u00f3n de parche recomendada<\/td><td>Descarga<\/td><td>Documentaci\u00f3n<\/td><\/tr><\/thead><tbody><tr><td>EPM SaaS Windows Agent \u2013 todas las versiones anteriores a 26.6 (CA26\u201124, CA26\u201125)<\/td><td>26.6<\/td><td>Ver documentaci\u00f3n<\/td><td><a href=\"https:\/\/docs.cyberark.com\/epm\/latest\/en\/content\/installation\/agentinstallation.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade EPM Agent<\/a><\/td><\/tr><tr><td>PTA \/ PAM Self\u2011Hosted \u2013 versiones anteriores a 15.2 (CA26\u201127)<\/td><td>15.2<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-27-PTA-15.2\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/latest\/en\/content\/pta\/workflow-upgrading-pta.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade PTA 15.2<\/a><\/td><\/tr><tr><td>PTA \/ PAM Self\u2011Hosted 15.0.x anterior a 15.0.1<\/td><td>15.0.1<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-27-PTA-15.0.1\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/15.0\/en\/content\/pta\/workflow-upgrading-pta.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade PTA 15.0<\/a><\/td><\/tr><tr><td>PTA \/ PAM Self\u2011Hosted 14.6 (LTS) anterior a 14.6.2<\/td><td>14.6.2<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-27-PTA-14.6.2\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.6\/en\/content\/pta\/workflow-upgrading-pta.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade PTA 14.6<\/a><\/td><\/tr><tr><td>PTA \/ PAM Self\u2011Hosted 14.2 (LTS) anterior a 14.2.5<\/td><td>14.2.5<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-27-PTA-14.2.5\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.2\/en\/content\/pta\/workflow-upgrading-pta.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade PTA 14.2<\/a><\/td><\/tr><tr><td>PTA \/ PAM Self\u2011Hosted 14.0 (LTS) anterior a 14.0.5<\/td><td>14.0.5<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-27-PTA-14.0.5\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.0\/en\/content\/pta\/workflow-upgrading-pta.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade PTA 14.0<\/a><\/td><\/tr><tr><td>Vault \/ Infra Self\u2011Hosted 15.0.x anterior a 15.0.4 (CA26\u201128)<\/td><td>15.0.4<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-28-DV-15.0.4\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/15.0\/en\/content\/pas%20inst\/upgrading-the-privileged-account-security-solution.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Vault 15.0<\/a><\/td><\/tr><tr><td>Vault \/ Infra Self\u2011Hosted 14.6.x anterior a 14.6.6<\/td><td>14.6.6<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-28-DV-14.6.6\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.6\/en\/content\/pas%20inst\/upgrading-the-privileged-account-security-solution.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Vault 14.6<\/a><\/td><\/tr><tr><td>Vault \/ Infra Self\u2011Hosted 14.2.x anterior a 14.2.8<\/td><td>14.2.8<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-28-DV-14.2.8\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.2\/en\/content\/pas%20inst\/upgrading-the-privileged-account-security-solution.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Vault 14.2<\/a><\/td><\/tr><tr><td>Vault \/ Infra Self\u2011Hosted 14.0.x o versiones m\u00e1s antiguas<\/td><td>14.0.9<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-28-DV-14.0.9\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/14.0\/en\/content\/pas%20inst\/upgrading-the-privileged-account-security-solution.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Vault 14.0<\/a><\/td><\/tr><tr><td>Remote Control Client 15.0.x anterior a 15.0.4 (CA26\u201129)<\/td><td>15.0.4<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-29-DV-15.0.4\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/latest\/en\/content\/pas%20inst\/installing-the-remote-control-client.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Remote Control Client<\/a><\/td><\/tr><tr><td>Remote Control Client 14.6.x anterior a 14.6.6<\/td><td>14.6.6<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-29-DV-14.6.6\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/latest\/en\/content\/pas%20inst\/installing-the-remote-control-client.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Remote Control Client<\/a><\/td><\/tr><tr><td>Remote Control Client 14.2.x anterior a 14.2.8<\/td><td>14.2.8<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-29-DV-14.2.8\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/latest\/en\/content\/pas%20inst\/installing-the-remote-control-client.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Remote Control Client<\/a><\/td><\/tr><tr><td>Remote Control Client 14.0.x anterior a 14.0.9<\/td><td>14.0.9<\/td><td><a href=\"https:\/\/www.cyberark.com\/CA26-29-DV-14.0.9\" target=\"_blank\" rel=\"noreferrer noopener\">Descargar<\/a><\/td><td><a href=\"https:\/\/docs.cyberark.com\/pam-self-hosted\/latest\/en\/content\/pas%20inst\/installing-the-remote-control-client.htm\" target=\"_blank\" rel=\"noreferrer noopener\">Upgrade Remote Control Client<\/a><\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">Nota: para Vault\/Infra (CA26\u201128), tras actualizar revisar la configuraci\u00f3n RADIUS seg\u00fan el art\u00edculo FAQ de la comunidad t\u00e9cnica de Idira.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Nota CA26\u201128: si tras actualizar aparece el error ITATS108E Authentication failure, revisar el FAQ t\u00e9cnico CA26\u201128 para la reconfiguraci\u00f3n RADIUS requerida.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Referencias:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/community.cyberark.com\/s\/article\/Idira-Security-Bulletin-CA26-24\" target=\"_blank\" rel=\"noreferrer noopener\">Idira Security Bulletin CA26\u201124 \u2013 Privilege Elevation via EPM Dialogs<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/community.cyberark.com\/s\/article\/Idira-Security-Bulletin-CA26-25\" target=\"_blank\" rel=\"noreferrer noopener\">Idira Security Bulletin CA26\u201125 \u2013 Agent DoS via Internal Communications<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/community.cyberark.com\/s\/article\/Idira-Security-Bulletin-CA26-27\" target=\"_blank\" rel=\"noreferrer noopener\">Idira Security Bulletin CA26\u201127 \u2013 Information Disclosure in Azul Zulu\/JAXP (CVE\u20112026\u201122016)<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/community.cyberark.com\/s\/article\/Idira-Security-Bulletin-CA26-28\" target=\"_blank\" rel=\"noreferrer noopener\">Idira Security Bulletin CA26\u201128 \u2013 Unauthorized Vault Access via RADIUS<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/community.cyberark.com\/s\/article\/Idira-Security-Bulletin-CA26-29\" target=\"_blank\" rel=\"noreferrer noopener\">Idira Security Bulletin CA26\u201129 \u2013 Vault Compromise via Remote Control Client<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.cyberark.com\/product-security\" target=\"_blank\" rel=\"noreferrer noopener\">Idira \/ CyberArk Product Security Portal<\/a><\/li>\n<\/ul>\n","protected":false},"featured_media":11593,"template":"","class_list":["post-11592","publicacion","type-publicacion","status-publish","has-post-thumbnail","hentry"],"acf":{"activar_pdf_link":false,"pdf":null,"numero_de_boletin":"68","traffic_light_protocol":"White"},"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.9 - aioseo.com -->\n\t<meta name=\"description\" content=\"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.9\" \/>\n\t\t<meta property=\"og:locale\" content=\"es_ES\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Beacon Lab - CSIRT by Cybolt\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab\" \/>\n\t\t<meta property=\"og:description\" content=\"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png\" \/>\n\t\t<meta property=\"og:image:width\" content=\"1093\" \/>\n\t\t<meta property=\"og:image:height\" content=\"333\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2026-07-08T17:21:49+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2026-07-08T17:21:50+00:00\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@BeaconLabMX\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab\" \/>\n\t\t<meta name=\"twitter:description\" content=\"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#listItem\",\"name\":\"Alerta 2026-68 Vulnerabilidades importantes en Idira\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#listItem\",\"position\":2,\"name\":\"Alerta 2026-68 Vulnerabilidades importantes en Idira\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#listItem\",\"name\":\"Home\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#organization\",\"name\":\"Beacon Lab\",\"description\":\"CSIRT by Cybolt\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"telephone\":\"+528007374357\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/beaconlab.mx\\\/wp-content\\\/uploads\\\/2023\\\/12\\\/BeaconLab_V2-03.png\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#organizationLogo\"},\"image\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#organizationLogo\"},\"sameAs\":[\"https:\\\/\\\/twitter.com\\\/BeaconLabMX\",\"https:\\\/\\\/www.linkedin.com\\\/showcase\\\/beaconlabmx\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#webpage\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/\",\"name\":\"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab\",\"description\":\"Producto(s) afectado(s): Descripci\\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\\u00edtica PTA\\\/PAM Self\\u2011Hosted, el Vault\\\/Infra y el Remote Control Client. Actualmente, de los cinco, \\u00fanicamente CA26\\u201127 tiene CVE p\\u00fablico asignado: CVE\\u20112026\\u201122016 (CVSS v4.0: 8.7),\",\"inLanguage\":\"es-ES\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#breadcrumblist\"},\"image\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/logo-idira.png\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#mainImage\",\"width\":1093,\"height\":333},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/publicacion\\\/alerta-2026-68-vulnerabilidades-importantes-en-idira\\\/#mainImage\"},\"datePublished\":\"2026-07-08T11:21:49-06:00\",\"dateModified\":\"2026-07-08T11:21:50-06:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#website\",\"url\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/\",\"name\":\"Beacon Lab\",\"description\":\"CSIRT by Cybolt\",\"inLanguage\":\"es-ES\",\"publisher\":{\"@id\":\"https:\\\/\\\/beaconlab.us\\\/es\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab","description":"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),","canonical_url":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BreadcrumbList","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/#listItem","position":1,"name":"Home","item":"https:\/\/beaconlab.us\/es\/","nextItem":{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#listItem","name":"Alerta 2026-68 Vulnerabilidades importantes en Idira"}},{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#listItem","position":2,"name":"Alerta 2026-68 Vulnerabilidades importantes en Idira","previousItem":{"@type":"ListItem","@id":"https:\/\/beaconlab.us\/es\/#listItem","name":"Home"}}]},{"@type":"Organization","@id":"https:\/\/beaconlab.us\/es\/#organization","name":"Beacon Lab","description":"CSIRT by Cybolt","url":"https:\/\/beaconlab.us\/es\/","telephone":"+528007374357","logo":{"@type":"ImageObject","url":"https:\/\/beaconlab.mx\/wp-content\/uploads\/2023\/12\/BeaconLab_V2-03.png","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#organizationLogo"},"image":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#organizationLogo"},"sameAs":["https:\/\/twitter.com\/BeaconLabMX","https:\/\/www.linkedin.com\/showcase\/beaconlabmx"]},{"@type":"WebPage","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#webpage","url":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/","name":"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab","description":"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),","inLanguage":"es-ES","isPartOf":{"@id":"https:\/\/beaconlab.us\/es\/#website"},"breadcrumb":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#breadcrumblist"},"image":{"@type":"ImageObject","url":"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png","@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#mainImage","width":1093,"height":333},"primaryImageOfPage":{"@id":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/#mainImage"},"datePublished":"2026-07-08T11:21:49-06:00","dateModified":"2026-07-08T11:21:50-06:00"},{"@type":"WebSite","@id":"https:\/\/beaconlab.us\/es\/#website","url":"https:\/\/beaconlab.us\/es\/","name":"Beacon Lab","description":"CSIRT by Cybolt","inLanguage":"es-ES","publisher":{"@id":"https:\/\/beaconlab.us\/es\/#organization"}}]},"og:locale":"es_ES","og:site_name":"Beacon Lab - CSIRT by Cybolt","og:type":"article","og:title":"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab","og:description":"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),","og:url":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/","og:image":"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png","og:image:secure_url":"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png","og:image:width":1093,"og:image:height":333,"article:published_time":"2026-07-08T17:21:49+00:00","article:modified_time":"2026-07-08T17:21:50+00:00","twitter:card":"summary_large_image","twitter:site":"@BeaconLabMX","twitter:title":"Alerta 2026-68 Vulnerabilidades importantes en Idira - Beacon Lab","twitter:description":"Producto(s) afectado(s): Descripci\u00f3n Se han reportado 5 vulnerabilidades importantes en Idira (anteriormente CyberArk, ahora parte de Palo Alto Networks) que afectan componentes clave de su stack de privilegios: agentes de Endpoint Privilege Manager (EPM), la plataforma de anal\u00edtica PTA\/PAM Self\u2011Hosted, el Vault\/Infra y el Remote Control Client. Actualmente, de los cinco, \u00fanicamente CA26\u201127 tiene CVE p\u00fablico asignado: CVE\u20112026\u201122016 (CVSS v4.0: 8.7),","twitter:image":"https:\/\/beaconlab.us\/wp-content\/uploads\/2026\/07\/logo-idira.png"},"aioseo_meta_data":{"post_id":"11592","title":null,"description":null,"keywords":null,"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"WebPage","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":{"faqs":[],"keyPoints":[],"schemas":[],"titles":[],"descriptions":[],"socialPosts":{"email":{"subject":"","preview":"","content":""},"linkedin":[],"twitter":[],"facebook":[],"instagram":[]}},"created":"2026-07-08 17:21:50","updated":"2026-07-08 18:27:36","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/beaconlab.us\/es\/\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tAlerta 2026-68 Vulnerabilidades importantes en Idira\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/beaconlab.us\/es\/"},{"label":"Alerta 2026-68 Vulnerabilidades importantes en Idira","link":"https:\/\/beaconlab.us\/es\/publicacion\/alerta-2026-68-vulnerabilidades-importantes-en-idira\/"}],"_links":{"self":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11592","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion"}],"about":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/types\/publicacion"}],"version-history":[{"count":1,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11592\/revisions"}],"predecessor-version":[{"id":11595,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/publicacion\/11592\/revisions\/11595"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media\/11593"}],"wp:attachment":[{"href":"https:\/\/beaconlab.us\/es\/wp-json\/wp\/v2\/media?parent=11592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}