BeyondTrust reports critical vulnerability in it's appliances
Take action: If you haven't already auto-patched your BeyondTrust, start patching right now. Your BeyondTrust appliances are designed to be internet facing, so they are immediately accessible to attackers.
Learn More
BeyondTrust, an American company that develops, ma family of privileged identity management / access management, privileged remote access, and vulnerability management products has reported a critical vulnerability in it's appliances.
The security advisory was initially provided only to customers but was made public by security researcher Brian Krebs. BeyondTrust confirmed the existence of the vulnerability and clarified that the affected appliances are:
- Remote Support versions 23.2.1 and 23.2.2,
- Privileged Remote Access Versions 23.2.1 and 23.2.2,
Upon identifying the vulnerability, the company took immediate action to address the issue and promptly remediated the bug. A patch to fix the vulnerability was made available, and BeyondTrust automatically deployed it to its cloud customers. Additionally, all on-premises customers participating in the automatic critical update process were also provided with the patch. The company took a proactive approach by contacting all impacted on-premises customers to ensure they installed the available patch promptly.
The severity of the vulnerability is significant, with a CVSS score of 10. According to the advisory posted by Brian Krebs, the vulnerability is categorized as a command injection vulnerability. This means that unauthenticated remote attackers can exploit the flaw to execute operating system commands within the context of the site user, potentially gaining unauthorized access to sensitive information and compromising the affected systems.
The discovery of the vulnerability came during standard code audits and penetration tests carried out by BeyondTrust's security team.
Given the severity and potential impact of the vulnerability, BeyondTrust urges all affected customers to apply the patch immediately to secure their systems. By deploying the patch promptly, customers can prevent potential unauthorized access and mitigate any risk associated with the vulnerability.
