8 matches found
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS. The module targets CVE-2026-1731, a direct command injection affecting RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior. Exploitation occurs with the...
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) unauthenticated Remote Code Execution
This exploit achieves unauthenticated remote code execution against BeyondTrust Privileged Remote Access PRA and Remote Support RS, with the privileges of the site user of the targeted BeyondTrust product site. This exploit targets PRA and RS versions 24.3.1 and below. Module Options msf use...
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access PRA and Remote Support RS products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability,...
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access PRA and Remote Support RS products to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...
BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products
BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access PRA and Remote Support RS products that could potentially lead to the execution of arbitrary commands. Privileged Remote Access controls, manages, and audits privileged accounts and credentials, offering zer...
CVE-2024-12356
creationtimestamp| type| source ---|---|--- 2024-12-17 04:32:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113666290051812274 2024-12-17 06:44:55+00:00| seen| https://t.me/cvedetector/13067 2024-12-17 06:47:32+00:00| seen|...
CVE-2024-12356 Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)
A critical vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS products which can allow an unauthenticated attacker to inject commands that are run as a site user...
PT-2024-10058
Name of the Vulnerable Software and Affected Versions BeyondTrust Privileged Remote Access PRA and Remote Support RS versions prior to 24.3.1 PostgreSQL affected versions not specified Description A critical command injection vulnerability exists in BeyondTrust Privileged Remote Access PRA and...