CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Dec 27, 2024
High
CISA KEVCVE-2024-12356
BeyondTrust—Privileged Remote Access (PRA) and Remote Support (RS)
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user.
Required Action
https://www.beyondtrust.com/trust-center/security-advisories/bt24-10 ; https://nvd.nist.gov/vuln/detail/CVE-2024-12356
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Dec 19, 2024
- KEV Added
- Dec 19, 2024
- Due Date
- Dec 27, 2024
- Related Articles
- 0
Vendor
BeyondTrust
Privileged Remote Access (PRA) and Remote Support (RS)