Vulnerabilities in BeyondTrust Products
31 December 2024
BeyondTrust has released security updates addressing vulnerabilities (CVE-2024-12356 and CVE-2024-12686) in its Remote Support (RS) and Privileged Remote Access (PRA) products. CVE-2024-12356 has a Common Vulnerability Scoring System (CVSSv3) score of 9.8 out of 10. Both vulnerabilities have reportedly been exploited in the wild.
The vulnerabilities are:
CVE-2024-12356: Successful exploitation of this critical command injection vulnerability could allow an unauthenticated remote attacker to execute underlying operating system commands. This vulnerability affects RS and PRA versions 24.3.1 and earlier.
CVE-2024-12686: Successful exploitation of this command injection vulnerability could allow an attacker with existing administrative privileges to upload malicious files and execute underlying operating system commands. This vulnerability affects RS and PRA versions 24.3.1 and earlier.
BeyondTrust has applied the security updates to all cloud-hosted instances. However, self-hosted instances running affected product versions remain vulnerable, and their users and administrators are advised to update to the latest version immediately.
More information is available here:
https://www.beyondtrust.com/remote-support-saas-service-security-investigation
https://nvd.nist.gov/vuln/detail/CVE-2024-12356
https://nvd.nist.gov/vuln/detail/CVE-2024-12686
https://www.beyondtrust.com/trust-center/security-advisories/bt24-10
https://www.beyondtrust.com/trust-center/security-advisories/bt24-11