CVE-2024-12686CISA KEV: Actively Exploited

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

Published Jan 13, 2025·Updated Jan 13, 2025

Description

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free