CVE-2024-12356

CVSSv4: NA | CVSSv3: 9.8 | CVSSv2: NA | VMScore: 1000 | EPSS: 0.935 | KEV: Exploitation Reported
Published: 17/12/2024 | Updated: 10/03/2025

Vulnerability Summary

Unauthenticated Command Injection Risk in PRA and RS Products

A critical vulnerability was discovered in the Privileged Remote Access (PRA) and Remote Support (RS) products. It allows an unauthenticated attacker to inject commands that are executed in the context of a site user.

Vulnerability Trend

Vulnerable Products

BeyondTrust Remote Support

BeyondTrust Privileged Remote Access

Mailing Lists

Hi, As announced on February 13 in: www.postgresql.org/about/news/postgresql-173-167-1511-1416-and-1319-released-3015/ www.postgresql.org/message-id/1739455754571973936175786842655230205%40wrigleys.postgresql.org This vulnerability is related to BeyondTrust CVE-2024-12356: infosec.exchange/@catc0n/113997298617317751 ...

Github Repositories

CVE-2024-12356: Improper Neutralization of Special Elements used in a Command ('Command Injection') (CWE-77)

Recent Articles

PostgreSQL flaw exploited as zero-day in BeyondTrust breach
BleepingComputer • Sergiu Gatlan • 14 Feb 2025

Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less th...

CISA orders agencies to patch BeyondTrust bug exploited in attacks
BleepingComputer • Sergiu Gatlan • 13 Jan 2025

CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding Operational Directive (BOD) 22-01, after being added to CISA's Known Exploited Vulnerabilities catalog, U.S. federal agencies must secure their networks against ongoing attacks targetin...

US Treasury Department breached through remote support platform
BleepingComputer • Lawrence Abrams • 30 Dec 2024

Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York Times, the Treasury Department warned lawmakers it was first notified of the breach on December 8th by its vendor BeyondTrust. BeyondTrust is a privileged access management company tha...

BeyondTrust says hackers breached Remote Support SaaS instances
BleepingComputer • Bill Toulas • 19 Dec 2024

Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances. BeyondTrust is a cybersecurity company specializing in Privileged Access Management (PAM) and secure remote access solutions. Their products are used by government agencies, tech firms, retail and e-commerce entities, he...

Critical PostgreSQL bug tied to zero-day attack on US Treasury
The Register

High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further

A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say. Rapid7's principal security researcher, Stephen Fewer, disclosed CVE-2025-1094 (8.1) on Thursday, saying it was a key part of the exploit chain that also included the BeyondTrust zero-day (CVE-2024-12356). In fact, CVE-2025-1094 was so important to the chain that the BeyondTrust attack couldn't have been pulled off without it, ...