incident
BeyondTrust Remote Support SaaS Instances Breached via API Key Compromise and Command Injection VulnerabilitiesCVE-2024-12356
Attackers breached BeyondTrust's Remote Support SaaS instances using a compromised API key, enabling password resets of local accounts. Two command injection vulnerabilities (CVE-2024-12686 and CVE-2024-12356) were subsequently disclosed, with CVE-2024-12356 added to CISA's Known Exploited Vulnerabilities catalog. The incident highlights risks in privileged access management tools.