Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to address a command injection vulnerability, CVE-2024-12686, linked to BeyondTrust’s Remote Support services. This medium-severity flaw was identified following a significant data breach at the US Treasury Department, attributed to the Chinese hacking group Silk Typhoon. BeyondTrust has since patched all instances of its Remote Support products to mitigate the risk associated with this vulnerability.
Threat Actor: Silk Typhoon | Silk Typhoon
Victim: US Treasury Department | US Treasury Department
Keypoints :
- CISA added CVE-2024-12686 to its Known Exploited Vulnerabilities Catalog.
- The vulnerability allows attackers with administrative privileges to execute commands remotely.
- BeyondTrust has completed patches for all cloud and self-hosted versions of its Remote Support products.