CVE-2024-12686

MEDIUM KEV

BeyondTrust Privileged Remote Access and Remote Support < 24.3.1 - Authenticated OS Command Injection

Title source: llm

Exploitation Summary

CVE-2024-12686 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 13, 2025.

Description

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

References (3)

Core 3

Core References

Third Party Advisory, US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2024-12686

Vendor Advisory

https://www.beyondtrust.com/trust-center/security-advisories/bt24-11

US Government Resource

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686

Scores

CVSS v3 6.6

EPSS 0.3153

EPSS Percentile 96.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation active

Automatable no

Technical Impact total

Details

CISA KEV 2025-01-13

VulnCheck KEV 2024-12-18

ENISA EUVD EUVD-2024-51049

CWE

CWE-78

Status published

Products (2)

beyondtrust/privileged_remote_access < 24.3.1

beyondtrust/remote_support < 24.3.1

Published Dec 18, 2024

KEV Added Jan 13, 2025

Tracked Since Feb 18, 2026