354 matches found
CVE-2024-57727
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...
CVE-2024-57728
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file i.e. zip slip. This can be exploited to execute arbitrary code on the host in the context of the SimpleHelp server user...
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability
BeyondTrust Privileged Remote Access PRA and Remote Support RS contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execut...
CISA: No Wider Federal Impact from Treasury Cyber Attack, Investigation Ongoing
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it's working closely with the Treasury Department and BeyondTrust to get a better...
BeyondTrust Remote Support (RS) <= 24.3.1 Multiple Vulnerabilities
The version of BeyondTrust Remote Support RS running on the remote host is prior or equal to 24.3.1. It is, therefore, potentially affected by multiple vulnerabilities. - All BeyondTrust Remote Support RS versions contain a command injection vulnerability which can be exploited through a maliciou...
BeyondTrust Remote Support Unsupported Version Detection
Binary data beyondtrustremotesupportunsupported.nbin...
Beyondtrust Remote Support Detection
Binary data beyondtrustremotesupportdetect.nbin...
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access PRA and Remote Support RS products to the Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The...
PT-2024-12773 · Beyondtrust · Beyondtrust Remote Support
Name of the Vulnerable Software and Affected Versions: BeyondTrust Remote Support SaaS affected versions not specified Description: A security issue allowed hackers to exploit and breach Remote Support SaaS instances, resulting in the resetting of local account passwords. The incident led to the...
VulnCheck KEV: CVE-2024-12356
BeyondTrust Privileged Remote Access PRA and Remote Support RS contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user...
PT-2024-13318 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Privileged Remote Access and Remote Support Products affected versions not specified Description: A critical issue has been identified in Privileged Remote Access and Remote Support Products. Recommendations: At the moment, there is no...
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability
BeyondTrust Privileged Remote Access PRA and Remote Support RS contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user...
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...
CVE-2024-12686 Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)
A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...
CVE-2024-12686
CVE-2024-12686 affects BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS); it is an OS command-injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file and execute OS commands as the site user. Public sources (...
CVE-2024-12686 Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)
A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user...
Vulnerability fixed in BeyondTrust Privileged Remote Access
BeyondTrust has fixed a vulnerability in Privileged Remote Access and Remote Support products. The vulnerability is located within the Privileged Remote Access and Remote Support products, allowing unauthenticated attackers to execute commands as a site user. The attack can lead to unauthorized...
BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products
BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access PRA and Remote Support RS products that could potentially lead to the execution of arbitrary commands. Privileged Remote Access controls, manages, and audits privileged accounts and credentials, offering zer...
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS which can allow an attacker with existing administrative privileges to inject commands and run as a site user. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value...