CVE-2024-12686

CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalog—this time, impacting Privileged Remote Access (PRA) and Remote Support (RS). Attackers are actively exploiting it — CVE-2024-12686. https://t.co/DzSVLhFuAm

CISA : 2e faille BeyondTrust au KEV 🔒 CISA ajoute CVE-2024-12686 (BeyondTrust SaaS) au KEV. Faille d’injection liée à une brèche au Trésor US. Patch urgent ! #Cybersecurity #CISA Lien ⬇️

PostgreSQL flaw exploited as zero-day in BeyondTrust breach CVE-2024-12356 CVE-2024-12686 #Hacking #infosec #CyberSecurity https://t.co/x6cMARhrUk

BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. https://t.co/DEz5kN12Ff

BeyondTrust reveló que por una falla de seguridad de PostgreSQL hackearon sus sistemas y 17 instancias de SaaS de soporte remoto a principios de diciembre utilizando dos errores de día cero (CVE-2024-12356 y CVE-2024-12686) y una clave API robada. 🧉 https://t.co/ggO4tCAQfc

Actively exploited CVE : CVE-2024-12686

CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/bq0tRbz0aI https://t.co/Z7Dh2yNXe9

Actively exploited CVE : CVE-2024-12686

Actively exploited CVE : CVE-2024-12686

CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/ZkBll6nNrs https://t.co/zKyFfD6NgK

CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/c5ywfRWiOI https://t.co/K495H7Jkfj

CISA has added a new command injection vulnerability, CVE-2024-12686, linked to BeyondTrust's Remote Support services to its KEV Catalog after a significant breach at the US Treasury by Silk Typhoon. ⚠️🇺🇸 #CyberThreat #Vulnerability #CybersecurityNews l… https://t.co/uPC31VNGb

Critical BeyondTrust PRA/RS vulnerability (CVE-2024-12686) under active exploitation allows admin-level OS command injection. DCS customers protected via custom sandbox & hardening rules. Stay vigilant! #BeyondTrustSec #InfoSec #CyberSecurity https://t.co/ZMK9PpFpww https://t

CVE-2024-12686 - BeyondTrust vulnerability exploited in the wild https://t.co/RP5II1pS0n https://t.co/eN47cDWsdr

🚨 CVE-2024-12686 Alert 🚨 A critical vuln in BeyondTrust’s PRA & RS products could allow admin privilege escalation. ➡️ Patch now via advisory BT24-11: https://t.co/OrgHZW1aVZ ➡️ Limit admin access to reduce risk. Stay secure! #CyberSecurity #Vulnerability #BeyondTrust

La CISA a ajouté à son catalogue KEV la vulnérabilité concernant BeyondTrust Remote Support et Privileged Remote Access (CVE-2024-12686). Cette faille permet à un attaquant avec un compte sur le système d'exécuter du code arbitraire. https://t.co/d56fOsSrZZ

CISA orders agencies to patch BeyondTrust bug exploited in attacks: https://t.co/SpLKFGFTEm CISA has mandated U.S. federal agencies to patch a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access and Remote Support software, identified as… h

CISA Orders Agencies to Patch BeyondTrust Vulnerability Actively Exploited. US federal agenciesmust urgently address a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) software. https://t.co/FHmiPo8s5v https:

csirt_it: ‼️ #BeyondTrust: rilevato lo sfruttamento attivo in rete delle CVE-2024-12686 e CVE-2024-12356, relative a #RemoteSupport e #PrivilegedRemoteAccess Rischio: 🔴 Tipologia: 🔸 Remote Code Execution 🔗 https://t.co/dFhjeYWZCJ ⚠ Importante agg… https://t.co/WW6zMr5nl7

CISA warns of a newly discovered BeyondTrust vulnerability (CVE-2024-12686) linked to state-sponsored attacks from Silk Typhoon. It allows administrative command execution on systems. 🛡️🇺🇸 #US #CISA #SilkTyphoon #CybersecurityNews link: https://t.co/us5KoIxgLH https://t.co/cZ

CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. #cybersecurity #informationsecurity https://t.co/YmApgs9gew

🚨 CISA Adds New BeyondTrust Flaw (CVE-2024-12686) to KEV Catalog 🚨 A command injection vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) allows attackers with admin privileges to execute malicious commands. Linked to the Treasury breach by… ht

CVE-2024-12686 is a newly identified vulnerability in BeyondTrust products that pose security risks due to active exploitation. #Information_security #cybersecurity Save What Matters: https://t.co/vGjUhhOWcg

CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks https://t.co/eHZqr0yoX8 CVE-2024-12686がKEVに追加されましたね ▼参考 【セキュリティ ニュース】BeyondTrustのリモート管理製品に深刻な脆弱性 - 悪用も確認済み（1ページ目 / 全2ページ）：Security NEXT… https://t.co/ppmOu2Itpj https://t.co/HkL18OOeKA

CISA adds a second BeyondTrust flaw (CVE-2024-12686) to its KEV catalog amid active attacks. This medium-severity vulnerability enables command injection by attackers with admin privileges. 💻🔒 #US #CVE2024 #CyberThreats #CybersecurityNews link: https://t.co/dSf38Rbzxx https://

米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が既知の悪用された脆弱性カタログに2件の追加。なおメールとWebでの周知は失念している模様。 BeyondTrust PRA&RSのコマンドインジェクションCVE-2024-12686とQlik SenseのHTTPトンネリングCVE-2023-48365。対処期限は通常の2/3。ランサムウェア… https://t.co/IdIVOpGuJg https://t.co/C9k7HtOjCp

🚨 Alert! CISA has added another critical BeyondTrust flaw to its "Known Exploited Vulnerabilities" catalog—this time, impacting Privileged Remote Access (PRA) and Remote Support (RS). Attackers are actively exploiting it — CVE-2024-12686. Read more: https://t.co/rovjOSwQ0X

CISA KEV Catalog Update Part III- January 2025 #CISAKEV #CVE-2024-12686 #CVE-2023-48365 https://t.co/zoEX97JFQ7

🚨 CISA Orders Agencies to Patch BeyondTrust Vulnerabilities 🚨 Two critical flaws in BeyondTrust's Privileged Remote Access and Remote Support software (CVE-2024-12686 & CVE-2024-12356) are being actively exploited by attackers, including Chinese state-backed group Silk… ht

#CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. #CyberSecurity #CyberAttacks https://t.co/vPQO9XMp6J

CISA flags BeyondTrust vulnerabilities CVE-2024-12686 and CVE-2024-12356 as exploited by Silk Typhoon in a breach affecting the U.S. Treasury. Ensuring network security is crucial! 🔒🇺🇸 #SilkTyphoon #APIsecurity #USTreasury #CybersecurityNews link: https://t.co/jkWGxzGcoV http

Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2024-12686 #BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability https://t.co/Xl48yUaVwK

🛡️ We added #QlikSense and #BeyondTrust vulnerabilities, CVE-2023-48365 & CVE-2024-12686, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/dOIn6I9vuB & apply mitigations to protect your org from cyberattacks. #Cybersecurity https://t.co/3gKRFE9Haw

🚨 Heads up, cybersecurity pros: 8,600+ BeyondTrust instances are exposed online. Are your systems patched against CVE-2024-12356 & CVE-2024-12686? Manual checks recommended. Stay secure! #CyberSecurity #PatchNow https://t.co/SVlM1TSzyu

Suggested timely Security Copilot prompt: Tell me about CVE-2024-12356 and CVE-2024-12686 that was involved in a recent United States Treasury Department hack by China. Identify if these impact my own environment and give me the CVSS scores that I can include in a report to my… h

#threatreport #LowCompleteness BeyondTrust Security Incident - Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) | 20-12-2024 Source: https://t.co/shhSZVUHbb Key details below ↓ 💀Threats: Beyondtrust_tool, 🔓CVEs: CVE-2024-12686… https://t.co/hIM8LDx

CVE-2024-12686 A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to i… https://t.co/FICdfh8hgi