U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog

Pierluigi Paganini December 20, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw, tracked as CVE-2024-12356 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog.

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow

An unauthenticated attacker can exploit the vulnerability to inject commands that are run as a site user.

“A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.” reads the advisory.

“All BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions contain a command injection vulnerability which can be exploited through a malicious client request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user.” reported BeyondTrust. “This issue is fixed through a patch available for all supported releases of RS & PRA 22.1.x and higher.”

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by December 27, 2024.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, BeyondTrust, CISA Known Exploited Vulnerabilities catalog)



you might also like

leave a comment