Security News > 2024 > December > BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)

BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)
2024-12-18 09:39

BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it quickly. About CVE-2024-12356 BeyondTrust Privileged Remote Access is an enterprise solution that mediates secure remote access to enterprise environments for employees and trusted vendors. BeyondTrust Remote Support allows organizations’ IT helpdesk personnel to securely connect … More → The post BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/12/18/beyondtrust-fixes-critical-vulnerability-in-remote-access-support-solutions-cve-2024-12356/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-12-17 CVE-2024-12356 Command Injection vulnerability in Beyondtrust Remote Support
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
network
low complexity
beyondtrust CWE-77
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Beyondtrust 9 0 3 13 3 19