⚠️ CVE-2025-25427: A Stored cross-site scripting ... ⚠️ CVE-2025-3509: A Remote Code Execution (RCE) ... ⚠️ CVE-2025-3246: An improper neutralization of ... 🟡 CVE-2025-3124: A missing authorization vulner... 🟢 CVE-2024-42178: HCL MyXalytics is affected by ... 🟡 CVE-2025-3765: A vulnerability, which was cla... 🟡 CVE-2025-3764: A vulnerability classified as ... 🟢 CVE-2024-42177: HCL MyXalytics is affected by ... 🟡 CVE-2025-3763: A vulnerability classified as ... 🟡 CVE-2025-3762: A vulnerability was found in P... 🟡 CVE-2025-29722: A CSRF vulnerability in Commer... 🟡 CVE-2025-28101: An arbitrary file deletion vul... 🔥 CVE-2025-28009: A SQL Injection vulnerability ... 🟢 CVE-2025-26269: DragonflyDB Dragonfly through ... 🟢 CVE-2025-26268: DragonflyDB Dragonfly before 1... ⚠️ CVE-2024-55211: An issue in Think Router Tk-Rt... 🟢 CVE-2021-47671: In the Linux kernel, the follo... ⚠️ CVE-2021-47670: In the Linux kernel, the follo... ⚠️ CVE-2021-47669: In the Linux kernel, the follo... ⚠️ CVE-2021-47668: In the Linux kernel, the follo... 🟢 CVE-2025-32415: In libxml2 before 2.13.8 and 2... ⚠️ CVE-2025-2947: IBM i 7.6  contains a privile... ⚠️ CVE-2025-29661: Litepubl CMS <= 7.0.9 is vulne... ⚠️ CVE-2025-29181: FOXCMS <= V1.25 is vulnerable ... ⚠️ CVE-2025-29180: In FOXCMS <=1.25, the installd... ⚠️ CVE-2025-29039: An issue in dlink DIR 832x 240... ⚠️ CVE-2025-43015: In JetBrains RubyMine before 2... 🟡 CVE-2025-43014: In JetBrains Toolbox App befor... 🟡 CVE-2025-43013: In JetBrains Toolbox App befor... ⚠️ CVE-2025-43012: In JetBrains Toolbox App befor... 🟡 CVE-2025-42921: In JetBrains Toolbox App befor... 🔥 CVE-2025-39596: Weak Authentication vulnerabil... 🔥 CVE-2025-39595: Improper Neutralization of Spe... ⚠️ CVE-2025-39594: Improper Neutralization of Inp... 🔥 CVE-2025-39588: Deserialization of Untrusted D... 🔥 CVE-2025-39587: Improper Neutralization of Spe... ⚠️ CVE-2025-39586: Improper Neutralization of Spe... ⚠️ CVE-2025-39583: Missing Authorization vulnerab... 🟡 CVE-2025-39580: Missing Authorization vulnerab... ⚠️ CVE-2025-39569: Improper Neutralization of Spe... ⚠️ CVE-2025-39568: Improper Limitation of a Pathn... ⚠️ CVE-2025-39567: Improper Neutralization of Inp... 🟡 CVE-2025-39562: Improper Neutralization of Inp... 🟡 CVE-2025-39559: Missing Authorization vulnerab... ⚠️ CVE-2025-39558: Improper Neutralization of Inp... 🟡 CVE-2025-39554: Missing Authorization vulnerab... 🔥 CVE-2025-39551: Deserialization of Untrusted D... 🔥 CVE-2025-39550: Deserialization of Untrusted D... ⚠️ CVE-2025-39542: Incorrect Privilege Assignment... ⚠️ CVE-2025-39535: Authentication Bypass Using an... ⚠️ CVE-2025-39533: Missing Authorization vulnerab... ⚠️ CVE-2025-39532: Missing Authorization vulnerab... ⚠️ CVE-2025-39527: Deserialization of Untrusted D... ⚠️ CVE-2025-39526: Improper Control of Filename f... ⚠️ CVE-2025-39521: Improper Neutralization of Inp... ⚠️ CVE-2025-39519: Improper Neutralization of Inp... ⚠️ CVE-2025-39464: Improper Neutralization of Inp... ⚠️ CVE-2025-39462: Improper Control of Filename f... ⚠️ CVE-2025-39461: Improper Control of Filename f... 🟡 CVE-2025-39457: Missing Authorization vulnerab... 🟡 CVE-2025-39456: Missing Authorization vulnerab... ⚠️ CVE-2025-39455: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39453: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39452: Improper Control of Filename f... 🟡 CVE-2025-39444: Improper Neutralization of Inp... 🟡 CVE-2025-39443: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39442: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39441: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39440: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39439: Exposure of Sensitive System I... 🟡 CVE-2025-39438: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39437: Cross-Site Request Forgery (CS... 🔥 CVE-2025-39436: Unrestricted Upload of File wi... ⚠️ CVE-2025-39435: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39434: Authorization Bypass Through U... ⚠️ CVE-2025-39433: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39432: Improper Neutralization of Inp... ⚠️ CVE-2025-39431: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39430: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39429: Improper Control of Filename f... 🟡 CVE-2025-39428: Improper Neutralization of Inp... 🟡 CVE-2025-39427: Improper Neutralization of Inp... 🟡 CVE-2025-39426: Cross-Site Request Forgery (CS... 🟡 CVE-2025-39425: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39424: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39423: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39422: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39421: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39420: Improper Neutralization of Inp... ⚠️ CVE-2025-39419: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39418: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39417: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39416: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39415: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-39414: Cross-Site Request Forgery (CS... ⚠️ CVE-2025-32686: Deserialization of Untrusted D... 🔥 CVE-2025-32682: Unrestricted Upload of File wi... ⚠️ CVE-2025-32674: Improper Neutralization of Inp... ⚠️ CVE-2025-32670: Improper Neutralization of Inp... ⚠️ CVE-2025-32666: Improper Neutralization of Inp...
BeyondTrust's CVE-2024-12686: Command Injection Vulnerability in Remote Access Solutions

By Cybersecurity Team on

BeyondTrust's CVE-2024-12686: Command Injection Vulnerability in Remote Access Solutions

BeyondTrust, a leader in privileged access management, has recently addressed a security vulnerability identified as CVE-2024-12686. This command injection flaw affects their Privileged Remote Access (PRA) and Remote Support (RS) products, potentially allowing attackers with existing administrative privileges to execute arbitrary commands on the underlying operating system.

Understanding CVE-2024-12686

CVE-2024-12686 is a command injection vulnerability that permits an authenticated attacker with administrative privileges to upload malicious files. Successful exploitation enables the execution of operating system commands within the context of the site user, potentially compromising system integrity and confidentiality.

Impacted Products and Versions

The vulnerability affects the following BeyondTrust products and versions:

  • Privileged Remote Access (PRA) versions 24.3.1 and earlier
  • Remote Support (RS) versions 24.3.1 and earlier

Mitigation and Patching

BeyondTrust has released patches to remediate this vulnerability for all supported releases of PRA and RS version 22.1.x and higher. Cloud customers received automatic updates as of December 16, 2024. On-premise customers are advised to apply the patch via their appliance interface. Those on versions older than 22.1 must upgrade to a supported version before applying the patch.

Exploitation and Advisory

The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-12686 to its Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild. Federal agencies are mandated to apply the necessary patches by February 3, 2025. All organizations using BeyondTrust PRA and RS products are strongly encouraged to prioritize patching to mitigate potential risks.

Conclusion

CVE-2024-12686 underscores the critical importance of maintaining up-to-date security measures, even for users with administrative privileges. Organizations utilizing BeyondTrust's PRA and RS solutions should promptly apply the recommended patches to safeguard their systems against potential exploitation.

References

Back to Posts