Vulnerabilities

CVE-2024-12356

by Fred · 17/12/2024

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

More information : https://nvd.nist.gov/vuln/detail/CVE-2024-12356

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : NONE
User interaction : NONE
Confidentiality impact : HIGH
Integrity impact : HIGH
Base score : 9.8
Base severity : CRITICAL
Exploitability score : 3.9
Impact score : 5.9

Similar

Tags: Cybersecurity Alert