- Description
- A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
- Source
- 13061848-ea10-403d-bd75-c83a022c2891
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability
- Exploit added on
- Jan 13, 2025
- Exploit action due
- Feb 3, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
PostgreSQL flaw exploited as zero-day in BeyondTrust breach CVE-2024-12356 CVE-2024-12686 #Hacking #infosec #CyberSecurity https://t.co/x6cMARhrUk
@FragmentedSoul5
17 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. https://t.co/DEz5kN12Ff
@riskigy
15 Feb 2025
23 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
BeyondTrust reveló que por una falla de seguridad de PostgreSQL hackearon sus sistemas y 17 instancias de SaaS de soporte remoto a principios de diciembre utilizando dos errores de día cero (CVE-2024-12356 y CVE-2024-12686) y una clave API robada. 🧉 https://t.co/ggO4tCAQfc
@MarquisioX
14 Feb 2025
106 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-12686
@transilienceai
14 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/bq0tRbz0aI https://t.co/Z7Dh2yNXe9
@ticveintitres
14 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2024-12686
@transilienceai
8 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2024-12686
@transilienceai
5 Feb 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/ZkBll6nNrs https://t.co/zKyFfD6NgK
@scandaletti
16 Jan 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/c5ywfRWiOI https://t.co/K495H7Jkfj
@Jotape_VM
15 Jan 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA has added a new command injection vulnerability, CVE-2024-12686, linked to BeyondTrust's Remote Support services to its KEV Catalog after a significant breach at the US Treasury by Silk Typhoon. ⚠️🇺🇸 #CyberThreat #Vulnerability #CybersecurityNews l… https://t.co/uPC31VNGb
@TweetThreatNews
15 Jan 2025
55 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical BeyondTrust PRA/RS vulnerability (CVE-2024-12686) under active exploitation allows admin-level OS command injection. DCS customers protected via custom sandbox & hardening rules. Stay vigilant! #BeyondTrustSec #InfoSec #CyberSecurity https://t.co/ZMK9PpFpww https://t
@VanCoggins
15 Jan 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/RP5II1pS0n https://t.co/eN47cDWsdr
@mayurk21
15 Jan 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2024-12686 Alert 🚨 A critical vuln in BeyondTrust’s PRA & RS products could allow admin privilege escalation. ➡️ Patch now via advisory BT24-11: https://t.co/OrgHZW1aVZ ➡️ Limit admin access to reduce risk. Stay secure! #CyberSecurity #Vulnerability #BeyondTrust
@CypherCrafter
14 Jan 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
La CISA a ajouté à son catalogue KEV la vulnérabilité concernant BeyondTrust Remote Support et Privileged Remote Access (CVE-2024-12686). Cette faille permet à un attaquant avec un compte sur le système d'exécuter du code arbitraire. https://t.co/d56fOsSrZZ
@cert_ist
14 Jan 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA orders agencies to patch BeyondTrust bug exploited in attacks: https://t.co/SpLKFGFTEm CISA has mandated U.S. federal agencies to patch a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access and Remote Support software, identified as… h
@securityRSS
14 Jan 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Orders Agencies to Patch BeyondTrust Vulnerability Actively Exploited. US federal agenciesmust urgently address a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) software. https://t.co/FHmiPo8s5v https:
@riskigy
14 Jan 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️ #BeyondTrust: rilevato lo sfruttamento attivo in rete delle CVE-2024-12686 e CVE-2024-12356, relative a #RemoteSupport e #PrivilegedRemoteAccess Rischio: 🔴 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/dFhjeYWZCJ ⚠ Importante agg… https://t.co/WW6zMr5nl7
@Vulcanux_
14 Jan 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of a newly discovered BeyondTrust vulnerability (CVE-2024-12686) linked to state-sponsored attacks from Silk Typhoon. It allows administrative command execution on systems. 🛡️🇺🇸 #US #CISA #SilkTyphoon #CybersecurityNews link: https://t.co/us5KoIxgLH https://t.co/cZ
@TweetThreatNews
14 Jan 2025
35 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. #cybersecurity #informationsecurity https://t.co/YmApgs9gew
@SecAdvsAlerts
14 Jan 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Adds New BeyondTrust Flaw (CVE-2024-12686) to KEV Catalog 🚨 A command injection vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) allows attackers with admin privileges to execute malicious commands. Linked to the Treasury breach by… ht
@arunpratap786
14 Jan 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12686 is a newly identified vulnerability in BeyondTrust products that pose security risks due to active exploitation. #Information_security #cybersecurity Save What Matters: https://t.co/vGjUhhOWcg
@InfoSec_b
14 Jan 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks https://t.co/eHZqr0yoX8 CVE-2024-12686がKEVに追加されましたね ▼参考 【セキュリティ ニュース】BeyondTrustのリモート管理製品に深刻な脆弱性 - 悪用も確認済み(1ページ目 / 全2ページ):Security NEXT… https://t.co/ppmOu2Itpj https://t.co/HkL18OOeKA
@taku888infinity
14 Jan 2025
791 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
CISA adds a second BeyondTrust flaw (CVE-2024-12686) to its KEV catalog amid active attacks. This medium-severity vulnerability enables command injection by attackers with admin privileges. 💻🔒 #US #CVE2024 #CyberThreats #CybersecurityNews link: https://t.co/dSf38Rbzxx https://
@TweetThreatNews
14 Jan 2025
50 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が既知の悪用された脆弱性カタログに2件の追加。なおメールとWebでの周知は失念している模様。 BeyondTrust PRA&RSのコマンドインジェクションCVE-2024-12686とQlik SenseのHTTPトンネリングCVE-2023-48365。対処期限は通常の2/3。ランサムウェア… https://t.co/IdIVOpGuJg https://t.co/C9k7HtOjCp
@__kokumoto
14 Jan 2025
1108 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Alert! CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalog—this time, impacting Privileged Remote Access (PRA) and Remote Support (RS). Attackers are actively exploiting it — CVE-2024-12686. Read more: https://t.co/rovjOSwQ0X
@TheHackersNews
14 Jan 2025
14353 Impressions
53 Retweets
137 Likes
22 Bookmarks
0 Replies
0 Quotes
CISA KEV Catalog Update Part III- January 2025 #CISAKEV #CVE-2024-12686 #CVE-2023-48365 https://t.co/zoEX97JFQ7
@pravin_karthik
14 Jan 2025
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CISA Orders Agencies to Patch BeyondTrust Vulnerabilities 🚨 Two critical flaws in BeyondTrust's Privileged Remote Access and Remote Support software (CVE-2024-12686 & CVE-2024-12356) are being actively exploited by attackers, including Chinese state-backed group Silk… ht
@arunpratap786
13 Jan 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. #CyberSecurity #CyberAttacks https://t.co/vPQO9XMp6J
@YourAnonRiots
13 Jan 2025
38 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CISA flags BeyondTrust vulnerabilities CVE-2024-12686 and CVE-2024-12356 as exploited by Silk Typhoon in a breach affecting the U.S. Treasury. Ensuring network security is crucial! 🔒🇺🇸 #SilkTyphoon #APIsecurity #USTreasury #CybersecurityNews link: https://t.co/jkWGxzGcoV http
@TweetThreatNews
13 Jan 2025
34 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-12686 #BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability https://t.co/Xl48yUaVwK
@ScyScan
13 Jan 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added #QlikSense and #BeyondTrust vulnerabilities, CVE-2023-48365 & CVE-2024-12686, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/dOIn6I9vuB & apply mitigations to protect your org from cyberattacks. #Cybersecurity https://t.co/3gKRFE9Haw
@CISACyber
13 Jan 2025
6005 Impressions
38 Retweets
70 Likes
6 Bookmarks
3 Replies
5 Quotes
🚨 Heads up, cybersecurity pros: 8,600+ BeyondTrust instances are exposed online. Are your systems patched against CVE-2024-12356 & CVE-2024-12686? Manual checks recommended. Stay secure! #CyberSecurity #PatchNow https://t.co/SVlM1TSzyu
@ThreatVector24
7 Jan 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Suggested timely Security Copilot prompt: Tell me about CVE-2024-12356 and CVE-2024-12686 that was involved in a recent United States Treasury Department hack by China. Identify if these impact my own environment and give me the CVSS scores that I can include in a report to my… h
@rodtrent
6 Jan 2025
459 Impressions
1 Retweet
5 Likes
2 Bookmarks
0 Replies
0 Quotes
#threatreport #LowCompleteness BeyondTrust Security Incident - Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) | 20-12-2024 Source: https://t.co/shhSZVUHbb Key details below ↓ 💀Threats: Beyondtrust_tool, 🔓CVEs: CVE-2024-12686… https://t.co/hIM8LDx
@rst_cloud
21 Dec 2024
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12686 A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to i… https://t.co/FICdfh8hgi
@CVEnew
18 Dec 2024
173 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D402E4B5-D3EA-4AD1-8954-92FB6A873906",
"versionEndIncluding": "24.3.1"
},
{
"criteria": "cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AD0D0CD2-E8CE-40B6-B8F0-2FB1A98DA3F8",
"versionEndIncluding": "24.3.1"
}
],
"operator": "OR"
}
]
}
]