  • published 1/21/25 5:35 AM
  • updated 13 January 2025

Actively Exploited Command Injection Vulnerability in BeyondTrust Software

Alert Rating

Critical

Audience

Corporations, Government

A critical command injection vulnerability, identified as CVE-2024-12686, has been discovered in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) software. This vulnerability is actively being exploited in ongoing attacks. It allows attackers with administrative privileges to inject malicious operating system commands, which could lead to a complete system compromise.

Technical Details:

  • CVE Identifier: CVE-2024-12686
  • Vulnerability Type: OS Command Injection
  • Affected Products: BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS)
  • Exploitability: Actively exploited in the wild
  • Description: This vulnerability allows attackers with administrative privileges to upload a malicious file and execute arbitrary OS commands within the context of the site user. Exploitation of this vulnerability could lead to full control over the affected system, compromising sensitive information and enabling further attacks.

 


Affected Versions:

  • Privileged Remote Access (PRA): 24.3.1 and earlier
  • Remote Support (RS): 24.3.1 and earlier

 

Fixed Versions:

Privileged Remote Access (PRA)

  • BT24-11-ONPREM1
  • BT24-11-ONPREM2
  • BT24-11-ONPREM3
  • BT24-11-ONPREM4
  • BT24-11-ONPREM5
  • BT24-11-ONPREM6
  • BT24-11-ONPREM7

Remote Support (RS)

  • BT24-11-ONPREM1
  • BT24-11-ONPREM2
  • BT24-11-ONPREM3
  • BT24-11-ONPREM4
  • BT24-11-ONPREM5
  • BT24-11-ONPREM6
  • BT24-11-ONPREM7

 

Take Action

Protect yourself

Review the attached document and apply the necessary updates as outlined by the vendor. These updates are crucial for addressing the identified security vulnerability and ensuring your system remains protected.
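
The affected and fixed versions listed above can be checked against an asset inventory to find hosts that still need the update. The following Python example is added here and is not part of the original advisory or vendor material; the inventory format, hostnames and status labels are assumptions, and it assumes that any one of the listed BT24-11-ONPREM patches marks a host as fixed, since the advisory does not say which patch applies to which base version.

```python
import re

# Values taken from the advisory text above.
AFFECTED_MAX = (24, 3, 1)          # "24.3.1 and earlier"
PRODUCTS = {"PRA", "RS"}           # Privileged Remote Access, Remote Support
FIX_PATCHES = {f"BT24-11-ONPREM{n}" for n in range(1, 8)}


def parse_version(text):
    """Return a 3-part integer tuple, or None if the string is not dotted digits."""
    if not re.fullmatch(r"\d+(\.\d+){0,2}", text.strip()):
        return None
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def triage(record):
    """Classify one inventory record (dict with product, version, patches)."""
    if record["product"].upper() not in PRODUCTS:
        return "out-of-scope"
    # Assumption: any listed patch ID counts as the fix for this host.
    applied = {p.strip().upper() for p in record.get("patches", [])}
    if applied & FIX_PATCHES:
        return "patched"
    version = parse_version(record["version"])
    if version is None:
        return "unknown-version"   # do not guess: check this host by hand
    return "needs-patch" if version <= AFFECTED_MAX else "not-in-affected-range"


# Constructed sample inventory (hostnames, versions and patch names are illustrative).
INVENTORY = [
    {"host": "pra-01", "product": "PRA", "version": "24.3.1", "patches": []},
    {"host": "rs-01", "product": "RS", "version": "24.2", "patches": ["bt24-11-onprem4"]},
    {"host": "rs-02", "product": "rs", "version": "23.3.3", "patches": ["EXAMPLE-OTHER-PATCH"]},
    {"host": "pra-02", "product": "PRA", "version": "24.3.2", "patches": []},
    {"host": "rs-03", "product": "RS", "version": "24.x-custom", "patches": []},
    {"host": "vpn-01", "product": "OtherVPN", "version": "9.1", "patches": []},
]


def report(inventory):
    """Map each host to its triage status."""
    return {r["host"]: triage(r) for r in inventory}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:8} {status}")
```

Hosts reported as unknown-version should be verified manually against the vendor's guidance rather than treated as safe.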
