CISA Adds BeyondTrust Software Vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog

Monday, December 23, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a command injection vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) software, tracked as CVE-2024-12356, to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability, rated CVSS 9.8, allows unauthenticated attackers to execute malicious commands as a system user (site user). All versions of BeyondTrust PRA and RS are affected; BeyondTrust has released patches addressing the vulnerability for RS and PRA versions 22.1.x and later.

Federal Civilian Executive Branch (FCEB) agencies are required to remediate the vulnerability within the timeframe CISA sets for KEV entries. In this case, CISA has mandated that the necessary updates be applied by December 27, 2024, to limit the window for exploitation.
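For a defender, the practical output of a KEV entry like this is an inventory triage: which PRA/RS appliances sit on a branch that has a patch available, which are on older branches, and how many days remain on the CISA deadline. The following is an added example, not code from CISA, BeyondTrust or the source article. It takes only the CVE id, the December 27, 2024 due date and the "22.1.x and later" patch availability from the advisory; the appliance inventory, host names, versions and the `Appliance`/`classify`/`triage` names are constructed for illustration, and the rule that a host on a branch older than 22.1 must first be upgraded before the vendor patch can apply is an assumption made for the example.

```python
from dataclasses import dataclass
from datetime import date

# Values quoted from the advisory above; the inventory further down is constructed.
CVE_ID = "CVE-2024-12356"
KEV_DUE_DATE = date(2024, 12, 27)
FIRST_PATCHED_BRANCH = (22, 1)          # vendor patches exist for 22.1.x and later
AFFECTED_PRODUCTS = {"PRA", "RS"}       # BeyondTrust Privileged Remote Access / Remote Support


@dataclass
class Appliance:
    name: str
    product: str          # "PRA", "RS", or anything else for non-BeyondTrust hosts
    version: str          # dotted version string as reported by the appliance
    patch_applied: bool   # True only once the vendor patch for this branch is confirmed


def parse_version(version: str) -> tuple[int, ...]:
    """Turn '22.1.4' into (22, 1, 4) so branches compare numerically, not lexically."""
    return tuple(int(part) for part in version.strip().split("."))


def classify(appliance: Appliance) -> str:
    """Map one appliance to a remediation status derived from the advisory.

    not-affected:     not a PRA/RS appliance
    upgrade-required: branch older than 22.1, so no patch exists for it (assumption for
                      this example: move to a patched branch first, then apply the patch)
    patch-required:   22.1.x or later but the vendor patch has not been confirmed
    patched:          patch confirmed applied
    """
    if appliance.product not in AFFECTED_PRODUCTS:
        return "not-affected"
    if parse_version(appliance.version)[:2] < FIRST_PATCHED_BRANCH:
        return "upgrade-required"
    if not appliance.patch_applied:
        return "patch-required"
    return "patched"


def triage(inventory: list[Appliance], today: date) -> list[dict]:
    """Return one row per appliance, open items first, with the KEV clock attached."""
    days_left = (KEV_DUE_DATE - today).days
    rows = []
    for appliance in inventory:
        status = classify(appliance)
        rows.append({
            "name": appliance.name,
            "cve": CVE_ID,
            "status": status,
            "days_to_kev_deadline": days_left,
            "overdue": status in ("upgrade-required", "patch-required") and days_left < 0,
        })
    priority = {"upgrade-required": 0, "patch-required": 1, "patched": 2, "not-affected": 3}
    rows.sort(key=lambda row: priority[row["status"]])   # stable sort keeps inventory order within a status
    return rows


# Constructed inventory; host names and versions are invented for the example.
SAMPLE_INVENTORY = [
    Appliance("rs-dc2", "RS", "24.2.1", patch_applied=True),
    Appliance("pra-hq", "PRA", "21.3.2", patch_applied=False),
    Appliance("bastion-x", "OtherVendor", "9.0.0", patch_applied=False),
    Appliance("rs-dc1", "RS", "22.1.4", patch_applied=False),
]

if __name__ == "__main__":
    # Run the triage as of the advisory's publication date.
    for row in triage(SAMPLE_INVENTORY, today=date(2024, 12, 23)):
        print(f"{row['name']:<10} {row['status']:<17} days to deadline: {row['days_to_kev_deadline']}")
```

Versions are compared as integer tuples rather than strings so that a branch such as 22.10 sorts after 22.9; the `overdue` flag only trips for hosts that still have open work once the KEV due date has passed, which is the list an FCEB team would have to report on.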

Source: https://securityaffairs.com/172170/security/us-cisa-beyondtrust-known-exploited-vulnerabilities-catalog.html