1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability

Known Exploited Vulnerabilities CVE-2024-12686

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability exploitation_technique T1068 Exploitation for Privilege Escalation
Comments
No public proof-of-concept for this exploit exists, but an attacker with existing administrative privileges can exploit this vulnerability can execute arbitrary commands at a higher privilege level.
References
  1. https://wnesecurity.com/cve-2024-12686-beyondtrust-privileged-remote-access-pra-and-remote-support-rs-os-command-injection-vulnerability/
CVE-2024-12686 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability exploitation_technique T1059 Command and Scripting Interpreter
Comments
No public proof-of-concept for this exploit exists, but an attacker with existing administrative privileges can exploit this vulnerability can execute arbitrary commands at a higher privilege level.
References
  1. https://wnesecurity.com/cve-2024-12686-beyondtrust-privileged-remote-access-pra-and-remote-support-rs-os-command-injection-vulnerability/