CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability
securityweek
The US cybersecurity agency CISA warns that a recently disclosed vulnerability in BeyondTrust’s remote access products has been exploited in the wild.
The issue, tracked as CVE-2024-12356 (CVSS score of 9.8), is a command injection bug impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) that can be exploited without authentication.
BeyondTrust released patches for the flaw last week, warning that it affects all PRA and RS versions up to 24.3.1 and urging customers to update their on-premises installations as soon as possible. The fixes were rolled out to cloud customers last week.
The company also revealed that CVE-2024-12356 was discovered during a forensic investigation into the compromise of a limited number of customers’ Remote Support SaaS instances, but did not clearly say whether the security defect was exploited in the attacks.
Responding to a SecurityWeek inquiry, a BeyondTrust spokesperson said that the company continues ...