Security comes first at BeyondTrust, and our number one priority is enabling customers to secure and protect their environments.
In February 2015, CVE-2014-3515 was published regarding a vulnerability that was applicable to our BeyondTrust (previously Bomgar) Remote Support solution. At that time, we immediately distributed a patch to mitigate this vulnerability and resolved the issue in Remote Support 14.3.3, released in May 2015, and all later versions. We also notified our Remote Support customers and worked with them to update their software.
We’ve been made aware of a current attack that is leveraging this old vulnerability and targeting users who have not applied the patch or upgraded their Remote Support software since before the 14.3.3 release in 2015. BeyondTrust is working with current and former customers who could be affected to help them upgrade to the latest software version.
As always, we encourage customers to upgrade to the most current version of our software and apply updates as they’re released. If you are running an older version and interested in receiving the latest Remote Support software, please create a case within our support portal or email email@example.com for assistance.