Researchers Observe Active Exploitation of Critical Vulnerability in BeyondTrust Products

Researchers from watchTowr have observed an active exploitation in real-world conditions of a critical vulnerability affecting BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products. The flaw, identified with a CVSS score of 9.9, has been targeted by malicious actors, according to a statement by Ryan Dewhurst, head of threat intelligence at watchTowr, published on X. The exploitation was detected via the company's global sensors. No specific details on the exact date, attack vectors, or concrete impacts are provided in the available excerpt.