CISA warns second BeyondTrust vulnerability also exploited in the wild | CSO Online

CISA added a second BeyondTrust vulnerability, CVE-2024-12686, to its known exploited vulnerabilities catalog. This medium-risk flaw, patched in December, allows command injection with administrator privileges. Government agencies have until February 3rd to identify and patch vulnerable deployments.