diff --git a/tasks/section_5/cis_5.2.x.yml b/tasks/section_5/cis_5.2.x.yml
index 659a11d..7daf6d1 100644
--- a/tasks/section_5/cis_5.2.x.yml
+++ b/tasks/section_5/cis_5.2.x.yml
@@ -232,11 +232,21 @@
       - rule_5.2.11
 
 - name: "5.2.12 | PATCH | Ensure SSH X11 forwarding is disabled"
-  ansible.builtin.lineinfile:
-      path: "{{ rhel9_cis_sshd_config_file }}"
-      regexp: "^#X11Forwarding|^X11Forwarding"
-      line: 'X11Forwarding no'
-      validate: sshd -t -f %s
+  block:
+
+      - name: "5.2.12 | PATCH | Ensure SSH X11 forwarding is disabled | config file"
+        ansible.builtin.lineinfile:
+            path: "{{ rhel9_cis_sshd_config_file }}"
+            regexp: "^#X11Forwarding|^X11Forwarding"
+            line: 'X11Forwarding no'
+            validate: sshd -t -f %s
+
+      - name: "5.2.12 | PATCH | Ensure SSH X11 forwarding is disabled | override"
+        ansible.builtin.lineinfile:
+            path: /etc/ssh/sshd_config.d/50-redhat.conf
+            regexp: "^#X11Forwarding|^X11Forwarding"
+            line: 'X11Forwarding no'
+            validate: sshd -t -f %s
   when:
       - rhel9cis_rule_5_2_12
   tags: