The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported an OS command injection vulnerability in BeyondTrust's products, allowing attackers with admin rights to run commands as a site user.
BeyondTrust disclosed that both vulnerabilities were discovered during investigations into a cyber incident, where a compromised Remote Support API key allowed actors to breach systems and reset local passwords.
CISA added CVE-2024-12686 to its Known Exploited Vulnerabilities catalog after evidence showed active exploitation, highlighting a significant risk to those using BeyondTrust's remote access products.
In early December, a major security incident linked to a compromised API key led to breaches affecting multiple systems, with the U.S. Treasury Department being among those targeted.
Collection
[
|
...
]