Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Summary
Threat actors are actively exploiting a critical vulnerability (CVSS 9.9) in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products. The exploitation was observed by watchTowr through their global sensors. This vulnerability allows attackers to abuse unspecified functionality within these products.
IFF Assessment
FOE
Active exploitation of a critical vulnerability makes this bad news for defenders.
Severity
9.9
Critical
Defender Context
Defenders using BeyondTrust RS or PRA need to urgently patch their systems and monitor for signs of compromise. The active exploitation highlights the importance of rapid patching and vulnerability management. The trend of attackers quickly weaponizing vulnerabilities makes proactive threat hunting and detection engineering crucial.