BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA
Summary
BeyondTrust has patched a critical pre-authentication remote code execution (RCE) vulnerability affecting Remote Support (RS) and Privileged Remote Access (PRA) products. Successful exploitation of the flaw could allow attackers to execute arbitrary code without authentication. Users are urged to update their installations immediately.
IFF Assessment
A pre-authentication RCE vulnerability allows attackers to compromise systems without needing valid credentials.
Severity
Defender Context
This vulnerability poses a significant risk, as it allows remote attackers to execute arbitrary code. Defenders should immediately apply the available patches and monitor their systems for any signs of compromise. Pre-authentication RCE vulnerabilities are highly sought after by threat actors, making vulnerable systems attractive targets.