NEWS BRIEF
The Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to patch a command injection flaw tracked as CVE-2024-12686, otherwise known as BT24-11, and has added it to the Known Exploited Vulnerabilities (KEV) Catalog.
The medium-severity security bug was discovered as part of BeyondTrust's Remote Support SaaS Service security investigation, which was launched after a major data breach at the US Treasury Department. Silk Typhoon, a Chinese hacking group, was reportedly responsible for the December 2024 cyberattack, in which threat actors were able to obtain credentials to Treasury workstations through the third-party vendor and then steal data. On Dec. 18, BeyondTrust reported identifying BT24-11 in its self-hosted and cloud Remote Support and Privileged Remote Access products, just two days after reporting BT24-10 (CVE-2024-12356, a critical-severity command injection flaw in the same products).
On Jan. 6, in its latest update, BeyondTrust reported that its forensic investigation is nearly complete and that all software-as-a-service instances of BeyondTrust Remote Support have been fully patched, with no new known victims.
“All cloud instances have been patched for this vulnerability,” BeyondTrust said in the update. “We have also released a patch for self-hosted versions.”
CISA said the vulnerability “can be exploited by an attacker with existing administrative privileges to inject commands and run as a site user.” In other words, exploitation is not unauthenticated: an attacker who already holds, or has stolen, an administrator account on the product can turn that application-level access into execution of operating system commands on the underlying host. Organizations running the self-hosted versions should confirm the BT24-11 patch is applied and review administrative account activity, since the cloud instances were patched by BeyondTrust but self-hosted deployments are the customer's responsibility.