Home/News/BeyondTrust Warns of Critical Flaws in Remote Access Software
BleepingComputer2 min read

BeyondTrust Warns of Critical Flaws in Remote Access Software

BeyondTrust issued a security advisory this week, urging customers to urgently patch two critical vulnerabilities present in its Remote Support (RS) and Privileged Remote Access (PRA) software. These flaws, if exploited, could allow unauthorized attackers to bypass authentication mechanisms, granting them access to sensitive systems and data.

The company has not yet disclosed the specific CVE identifiers for these vulnerabilities, nor has it provided a timeline for when patches will be available. However, BeyondTrust emphasized the severity of the issues and the potential for significant compromise. The advisory suggests that successful exploitation could lead to a complete takeover of the affected systems, enabling attackers to perform actions such as data exfiltration, privilege escalation, or further network lateral movement.

Remote Support and Privileged Remote Access solutions are designed to provide secure, controlled access to IT systems for support and administrative purposes. Vulnerabilities in these tools are particularly concerning as they are often deployed with broad network privileges. Attackers who gain control of these systems can effectively become a trusted insider, making detection and mitigation significantly more challenging.

BeyondTrust is advising all users of its RS and PRA software to monitor their official security channels for forthcoming patch releases and to implement any interim mitigation strategies that may be provided. The company also recommends reviewing access logs and system activity for any signs of suspicious behavior that may have occurred prior to the patching of these vulnerabilities.

Original source — read the full reporting at the publisher:

Read on BleepingComputer

Read next