Vulnerabilities > Beyondtrust > Remote Support > 16.1.4

DATE CVE VULNERABILITY TITLE RISK
2024-12-18 CVE-2024-12686 OS Command Injection vulnerability in Beyondtrust Remote Support
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
network
low complexity
beyondtrust CWE-78
7.2
2024-12-17 CVE-2024-12356 Command Injection vulnerability in Beyondtrust Remote Support
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
network
low complexity
beyondtrust CWE-77
critical
9.8
2017-10-26 CVE-2017-5996 Untrusted Search Path vulnerability in Beyondtrust Remote Support
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
local
low complexity
beyondtrust CWE-426
7.8