CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
13 January 2025
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could