{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12356", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "state": "PUBLISHED", "assignerShortName": "BT", "dateReserved": "2024-12-08T18:31:21.494Z", "datePublished": "2024-12-17T04:29:07.883Z", "dateUpdated": "2025-10-21T22:55:34.239Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Remote Support", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Privileged Remote Access", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-12-17T04:28:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. </span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>"}], "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2025-01-29T19:35:07.022Z"}, "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}], "source": {"discovery": "UNKNOWN"}, "title": "Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12356", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-19T18:04:49.357119Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-12-19", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"}}}], "references": [{"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356", "tags": ["government-resource"]}], "timeline": [{"time": "2024-12-19T00:00:00.000Z", "lang": "en", "value": "CVE-2024-12356 added to CISA KEV"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-21T22:55:34.239Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-17T20:34:17.077Z"}, "references": [{"url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12356", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "state": "PUBLISHED", "assignerShortName": "BT", "dateReserved": "2024-12-08T18:31:21.494Z", "datePublished": "2024-12-17T04:29:07.883Z", "dateUpdated": "2025-07-30T01:25:40.058Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Remote Support", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Privileged Remote Access", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-12-17T04:28:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. </span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>"}], "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2025-01-29T19:35:07.022Z"}, "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}], "source": {"discovery": "UNKNOWN"}, "title": "Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-17T20:34:17.077Z"}, "references": [{"url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12356", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-19T18:04:49.357119Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-12-19", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-17T16:06:48.692Z"}, "timeline": [{"time": "2024-12-19T00:00:00+00:00", "lang": "en", "value": "CVE-2024-12356 added to CISA KEV"}], "title": "CISA ADP Vulnrichment"}]}}

{"cisaActionDue": "2024-12-27", "cisaExploitAdd": "2024-12-19", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability ", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "D402E4B5-D3EA-4AD1-8954-92FB6A873906", "versionEndIncluding": "24.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD0D0CD2-E8CE-40B6-B8F0-2FB1A98DA3F8", "versionEndIncluding": "24.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad cr\u00edtica en los productos Privileged Remote Access (PRA) and Remote Support (RS) que puede permitir que un atacante no autenticado inyecte comandos que se ejecutan como un usuario del sitio."}], "id": "CVE-2024-12356", "lastModified": "2025-10-24T13:44:00.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-12-17T05:15:06.413", "references": [{"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Vendor Advisory"], "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}, {"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["US Government Resource"], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}