CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

2024-12-20 04:30

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8), is a command injection flaw that

News URL

https://thehackernews.com/2024/12/cisa-adds-critical-flaw-in-beyondtrust.html

#cisa #critical #vulnerabilities #CVE-2024-12356

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-17	CVE-2024-12356	A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. network low complexity CWE-77 critical	9.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Beyondtrust		9	0	3	12	2	17

News URL

Related news

Related Vulnerability

Related vendor