Critical security gap in BeyondTrust Privileged Remote Access and Remote Support
The developers have closed a dangerous vulnerability in current versions of BeyondTrust Privileged Remote Access and Remote Support.
(Image: Artur Szczybylo/Shutterstock.com)
Attackers can attack the remote access software Privileged Remote Access (PRA) and Remote Support (RS) from BeyondTrust and execute their own commands in the underlying operating system.
Close the security gap
Due to the"critical" classification of the vulnerability (CVE-2024-12356), it can be assumed that systems are considered fully compromised after successful attacks. According to a warning message, attacks should be possible remotely and without authentication.
It should be possible to initiate attacks via certain client requests. It is not clear from the report what this could look like in detail. So far, there have been no reports of ongoing attacks.
Videos by heise
The developers assure that they have closed the gap in the PRA patch BT24-10-ONPREM1 or BT24-10-ONPREM2 and RS patch BT24-10-ONPREM1 or BT24-10-ONPREM2 releases. Anyone still using a version prior to 22.1 must upgrade in order to receive the security update. According to BeyondTrust, cloud instances have already been automatically updated to the latest version.
(des)
