{"id":47444,"date":"2026-03-03T08:22:26","date_gmt":"2026-03-03T01:22:26","guid":{"rendered":"https:\/\/antoanthongtinhaiphong.gov.vn\/?p=47444"},"modified":"2026-03-04T08:23:10","modified_gmt":"2026-03-04T01:23:10","slug":"apex-one-dinh-8-lo-hong-nang-co-the-thuc-thi-ma-tu-xa","status":"publish","type":"post","link":"https:\/\/antoanthongtinhaiphong.gov.vn\/apex-one-dinh-8-lo-hong-nang-co-the-thuc-thi-ma-tu-xa\/","title":{"rendered":"Apex One affected by 8 severe vulnerabilities that could allow remote code execution"},"content":{"rendered":"<div><b>Trend Micro released a critical security patch on 24\/02\/2026 for its Apex One endpoint security product line after discovering multiple vulnerabilities that could allow attackers to execute code remotely and escalate privileges on both Windows and macOS. The vulnerabilities affect enterprise environments running Apex One on-premises as well as the SaaS versions.<\/b><br \/>\n<\/div>\n<div>Where do the vulnerabilities occur and how dangerous are they?<\/div>\n<div><p>Affected versions include Apex One 2019 on-premises (Windows), Apex One as a Service, and Trend Vision One Endpoint Standard deployed on the SaaS platform. On-premises users need to update to Critical Patch Build 14136. For the SaaS version on Mac, Trend Micro has been updating automatically through the ActiveUpdate mechanism since late 2025.<\/p>\n<p>A total of 8 vulnerabilities were disclosed, numbered CVE-2025-71210 through CVE-2025-71217. The two most severe, CVE-2025-71210 and CVE-2025-71211, have a CVSS score of 9.8 and fall under Directory Traversal (CWE-22). 
If successfully exploited, an unauthenticated attacker can upload and execute malicious code through the management console.<\/p>\n<p>In addition, there are several local privilege escalation (LPE) vulnerabilities on Windows and Mac, with CVSS scores ranging from 7.2 to 7.8, involving origin validation errors (CWE-346), link following (CWE-59), and TOCTOU race conditions (CWE-367).<\/p><\/div>\n<div>Exploitation mechanism and root cause<\/div>\n<div><p>The two critical vulnerabilities stem from a path-control flaw in the management console. Attackers can use directory traversal to write malicious files to locations outside the permitted directory and thereby execute code on the management server. If the console is exposed to the Internet or access is not restricted by IP, the risk of attack rises sharply.<\/p>\n<p>The privilege escalation vulnerabilities, in turn, allow a low-privileged account to elevate to system privileges through flaws in origin checking or temporary file handling. 
This is especially dangerous in enterprise environments, where a small foothold can become a springboard for taking control of the entire system.<\/p><\/div>\n<div>Risk and scope of impact<\/div>\n<div>If exploited, attackers can:<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div>Execute code remotely on the security management server<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Take over system administrator privileges<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Disable security software<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Deploy ransomware or steal data<\/div>\n<\/li>\n<\/ul>\n<div>No in-the-wild exploitation has been recorded so far, but because the vulnerabilities directly affect the endpoint security system, the risk level is rated very high.<\/div>\n<div>Expert recommendations<\/div>\n<div>Trend Micro has released an official patch. 
Organizations should:<\/div>\n<ul>\n<li data-xf-list-type=\"ul\">\n<div>Update Apex One to Critical Patch Build 14136 (on-premises)<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Ensure SaaS agents are on the latest version<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Restrict management console access to internal IPs<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Review remote access policies<\/div>\n<\/li>\n<li data-xf-list-type=\"ul\">\n<div>Check logs for anomalies related to file uploads or console access<\/div>\n<\/li>\n<\/ul>\n<div>Even security solutions can become attack targets if they contain critical vulnerabilities. Organizations should treat patching as a top priority while regularly reviewing configurations and limiting the attack surface. As threats grow increasingly sophisticated, delaying updates can cost the entire system.<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Trend Micro released a critical security patch on 24\/02\/2026 for its Apex One endpoint security product line after discovering multiple vulnerabilities that could allow attackers to execute code remotely and escalate privileges on both Windows and macOS. 
These vulnerabilities [&hellip;]<\/p>\n","protected":false},"author":20,"featured_media":47445,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"tdm_status":"","tdm_grid_status":"","footnotes":""},"categories":[3,24,35],"tags":[],"class_list":["post-47444","post","type-post","status-publish","format-standard","has-post-thumbnail","category-canh-bao-khuyen-nghi","category-tin-noi-bat","category-tin-tuc-su-kien"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47444","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/users\/20"}],"replies":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/comments?post=47444"}],"version-history":[{"count":1,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47444\/revisions"}],"predecessor-version":[{"id":47446,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/posts\/47444\/revisions\/47446"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media\/47445"}],"wp:attachment":[{"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/media?parent=47444"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/categories?post=47444"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/antoanthongtinhaiphong.gov.vn\/wp-json\/wp\/v2\/tags?post=47444"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}