Lucene search
K

354 matches found

ATTACKERKB
ATTACKERKB
added 2025/01/15 12:0 a.m.96 views

CVE-2024-57727

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...

9.1CVSS8.2AI score0.95151EPSS
In wildExploits2References3
Cvelist
Cvelist
added 2025/01/15 12:0 a.m.234 views

CVE-2024-57728

SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file i.e. zip slip. This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user...

0.07549EPSS
Exploits0References2
CISA KEV Catalog
CISA KEV Catalog
added 2025/01/13 12:0 a.m.12 views

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execut...

7.2CVSS7.8AI score0.13788EPSS
In wildExploits0
The Hacker News
The Hacker News
added 2025/01/07 8:43 a.m.5 views

CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/01/02 12:0 a.m.24 views

BeyondTrust Remote Support (RS) <= 24.3.1 Multiple Vulnerabilities

The version of BeyondTrust Remote Support RS running on the remote host is prior or equal to 24.3.1. It is, therefore, potentially affected by multiple vulnerabilities. - All BeyondTrust Remote Support RS versions contain a command injection vulnerability which can be exploited through a maliciou...

9.8CVSS8.6AI score0.87991EPSS
Exploits8References5
Tenable Nessus
Tenable Nessus
added 2025/01/01 12:0 a.m.12 views

BeyondTrust Remote Support Unsupported Version Detection

Binary data beyondtrustremotesupportunsupported.nbin...

7.3AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/01 12:0 a.m.13 views

Beyondtrust Remote Support Detection

Binary data beyondtrustremotesupportdetect.nbin...

7.3AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/12/20 4:30 a.m.17 views

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access PRA and Remote Support RS products to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...

9.8CVSS10AI score0.87991EPSS
Exploits8
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.3 views

PT-2024-12773 · Beyondtrust · Beyondtrust Remote Support

Name of the Vulnerable Software and Affected Versions: BeyondTrust Remote Support SaaS affected versions not specified Description: A security issue allowed hackers to exploit and breach Remote Support SaaS instances, resulting in the resetting of local account passwords. The incident led to the...

6.9AI score
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/12/19 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-12356

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user...

9.8CVSS5.7AI score0.87991EPSS
Exploits8References1
Positive Technologies
Positive Technologies
added 2024/12/19 12:0 a.m.1 views

PT-2024-13318 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Privileged Remote Access and Remote Support Products affected versions not specified Description: A critical issue has been identified in Privileged Remote Access and Remote Support Products. Recommendations: At the moment, there is no...

7AI score
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2024/12/19 12:0 a.m.34 views

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability

BeyondTrust Privileged Remote Access PRA and Remote Support RS contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user...

9.8CVSS7.8AI score0.87991EPSS
In wildExploits8
OSV
OSV
added 2024/12/18 9:15 p.m.3 views

CVE-2024-12686

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...

7.2CVSS5.5AI score0.13788EPSS
Exploits0References3
NVD
NVD
added 2024/12/18 9:15 p.m.22 views

CVE-2024-12686

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...

7.2CVSS0.13788EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/18 8:23 p.m.35 views

CVE-2024-12686 Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...

6.6CVSS0.13788EPSS
Exploits0References2
CVE
CVE
added 2024/12/18 8:23 p.m.227 views

CVE-2024-12686

CVE-2024-12686 affects BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS); it is an OS command-injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file and execute OS commands as the site user. Public sources (...

7.2CVSS6.7AI score0.13788EPSS
In wildExploits0References3Affected Software2
Vulnrichment
Vulnrichment
added 2024/12/18 8:23 p.m.29 views

CVE-2024-12686 Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...

6.6CVSS7.3AI score0.13788EPSS
Exploits0References2
NCSC
NCSC
added 2024/12/18 10:42 a.m.5 views

Vulnerability fixed in BeyondTrust Privileged Remote Access

BeyondTrust has fixed a vulnerability in Privileged Remote Access and Remote Support products. The vulnerability is located within the Privileged Remote Access and Remote Support products, allowing unauthenticated attackers to execute commands as a site user. The attack can lead to unauthorized...

9.8CVSS7.1AI score0.87991EPSS
Exploits8References1
The Hacker News
The Hacker News
added 2024/12/18 9:15 a.m.15 views

BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products

BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access PRA and Remote Support RS products that could potentially lead to the execution of arbitrary commands. Privileged Remote Access controls, manages, and audits privileged accounts and credentials, offering zer...

9.8CVSS9.9AI score0.87991EPSS
Exploits8
ATTACKERKB
ATTACKERKB
added 2024/12/18 12:0 a.m.84 views

CVE-2024-12686

A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value...

7.2CVSS7.3AI score0.13788EPSS
In wildExploits0References3
Rows per page
Query Builder