Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-12356
Modified
Known KEV
More InfoOfficial Page
Source-13061848-ea10-403d-bd75-c83a022c2891
View Known Exploited Vulnerability (KEV) details
Published At-17 Dec, 2024 | 05:15
Updated At-17 Feb, 2025 | 21:15

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
2024-12-192024-12-27BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection VulnerabilityApply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
BeyondTrust Corporation
beyondtrust
>>privileged_remote_access>>Versions up to 24.3.1(inclusive)
cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
BeyondTrust Corporation
beyondtrust
>>remote_support>>Versions up to 24.3.1(inclusive)
cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-77Secondary13061848-ea10-403d-bd75-c83a022c2891
CWE-77Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://nvd.nist.gov/vuln/detail/CVE-2024-1235613061848-ea10-403d-bd75-c83a022c2891
Third Party Advisory
US Government Resource
https://www.beyondtrust.com/trust-center/security-advisories/bt24-1013061848-ea10-403d-bd75-c83a022c2891
Vendor Advisory
https://www.cve.org/CVERecord?id=CVE-2024-1235613061848-ea10-403d-bd75-c83a022c2891
Third Party Advisory
US Government Resource
https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysisaf854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found