CVE-2024-12686

Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

CVSS 6.6 MEDIUMEPSS 13.8%● KEVCWE-78

In short

An admin user with existing access to Remote Support or Privilege Remote Access software can inject malicious commands that execute with the privileges of a regular site user. This allows them to run unauthorized code on the system.

Technical detail

Command injection vulnerability (CWE-78) in PRA and RS products requires pre-existing administrative credentials to inject arbitrary OS commands through input parameters, resulting in code execution with site user privileges. The attack vector is local/network-based depending on access method, with moderate impact on system integrity and confidentiality.

Summary generated and translated by AI from the official description.

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

BeyondTrust · Remote Support(RS) & Privileged Remote Access(PRA)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://nvd.nist.gov/vuln/detail/CVE-2024-12686 https://www.beyondtrust.com/trust-center/security-advisories/bt24-11 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686