{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12356", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "state": "PUBLISHED", "assignerShortName": "BT", "dateReserved": "2024-12-08T18:31:21.494Z", "datePublished": "2024-12-17T04:29:07.883Z", "dateUpdated": "2025-02-17T20:34:17.077Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Remote Support", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Privileged Remote Access", "vendor": "BeyondTrust", "versions": [{"lessThanOrEqual": "24.3.1", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2024-12-17T04:28:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. </span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>"}], "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2025-01-29T19:35:07.022Z"}, "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}], "source": {"discovery": "UNKNOWN"}, "title": "Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-12-19T18:04:49.357119Z", "id": "CVE-2024-12356", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-12-19", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-19T23:20:22.733Z"}, "timeline": [{"time": "2024-12-19T00:00:00+00:00", "lang": "en", "value": "CVE-2024-12356 added to CISA KEV"}]}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-17T20:34:17.077Z"}, "references": [{"url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}], "title": "CVE Program Container", "x_generator": {"engine": "ADPogram 0.0.1"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}], "x_generator": {"engine": "ADPogram 0.0.1"}, "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-17T20:34:17.077Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12356", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-12-19T18:04:49.357119Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-12-19", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-17T16:06:48.692Z"}, "timeline": [{"lang": "en", "time": "2024-12-19T00:00:00+00:00", "value": "CVE-2024-12356 added to CISA KEV"}]}], "cna": {"title": "Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "BeyondTrust", "product": "Remote Support", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "24.3.1"}], "defaultStatus": "unaffected"}, {"vendor": "BeyondTrust", "product": "Privileged Remote Access", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "24.3.1"}], "defaultStatus": "unaffected"}], "datePublic": "2024-12-17T04:28:00.000Z", "references": [{"url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. </span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"orgId": "13061848-ea10-403d-bd75-c83a022c2891", "shortName": "BT", "dateUpdated": "2025-01-29T19:35:07.022Z"}}}, "cveMetadata": {"cveId": "CVE-2024-12356", "state": "PUBLISHED", "dateUpdated": "2025-02-17T20:34:17.077Z", "dateReserved": "2024-12-08T18:31:21.494Z", "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891", "datePublished": "2024-12-17T04:29:07.883Z", "assignerShortName": "BT"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-12-27", "cisaExploitAdd": "2024-12-19", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability ", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "D402E4B5-D3EA-4AD1-8954-92FB6A873906", "versionEndIncluding": "24.3.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD0D0CD2-E8CE-40B6-B8F0-2FB1A98DA3F8", "versionEndIncluding": "24.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."}, {"lang": "es", "value": "Se ha descubierto una vulnerabilidad cr\u00edtica en los productos Privileged Remote Access (PRA) and Remote Support (RS) que puede permitir que un atacante no autenticado inyecte comandos que se ejecutan como un usuario del sitio."}], "id": "CVE-2024-12356", "lastModified": "2025-02-17T21:15:10.327", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-12-17T05:15:06.413", "references": [{"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"}, {"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Vendor Advisory"], "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"}, {"source": "13061848-ea10-403d-bd75-c83a022c2891", "tags": ["Third Party Advisory", "US Government Resource"], "url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"}], "sourceIdentifier": "13061848-ea10-403d-bd75-c83a022c2891", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "13061848-ea10-403d-bd75-c83a022c2891", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}