BeyondTrust Privileged Remote Access is confirmed as an affected platform in the Storm-1175 Medusa ransomware campaign. No discrete CVE identifier for BeyondTrust was specified in the published source data for this period. Given the privileged access nature of this platform, compromise represents a severe blast radius — attackers gaining access to a PAM or PRA solution can pivot to any managed system. Restrict internet exposure of BeyondTrust instances, apply all current vendor patches, and revoke and reissue certificates on any potentially exposed instances.