The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning to federal agencies to patch a critical vulnerability in BeyondTrust's remote access products by December 27. The vulnerability, CVE-2024-12356, is a command injection flaw (CVSS score of 9.8) that can be exploited without authentication and has been actively exploited in the wild. BeyondTrust has released patches for all impacted versions and is urging customers to update their on-premises installations immediately while already securing cloud instances. The vulnerability was discovered during an investigation into a compromise affecting some Remote Support SaaS instances, but BeyondTrust has not confirmed if it was exploited during the attacks. A second, less critical vulnerability (CVE-2024-12686) was also patched, which could allow remote attackers with administrative privileges to execute commands on the operating system. Continue here.
If you do need a website security audit or your business needs a red team for real life attack simulation, please Contact us. We would give you the best in quality and the most affordable you would get on the market place. Enjoy our 100% refundable deals. You can’t loose let’s talk about your project.
Kindly reach out on WhatsApp directly and let’s make this decision your most important and best investment post 3 years.
Disclaimer: Full credit to the writer, and the associates.
