CISA Directs Agencies to Address BeyondTrust Vulnerabilities
/ 1 min read
🔒✨ CISA warns of critical vulnerabilities in BeyondTrust software amid active exploitation. The Cybersecurity and Infrastructure Security Agency (CISA) has identified a command injection vulnerability (CVE-2024-12686) in BeyondTrust’s Privileged Remote Access and Remote Support software as actively exploited in attacks, mandating U.S. federal agencies to secure their networks by February 3. Additionally, another critical vulnerability (CVE-2024-12356) was reported following a breach of BeyondTrust’s Remote Support SaaS instances, where attackers stole an API key to reset passwords. The breaches have been linked to the Chinese state-backed group Silk Typhoon, which targeted sensitive U.S. Treasury systems. BeyondTrust has issued patches for the vulnerabilities, but users of self-hosted instances must apply them manually.
