Beyondtrust: >> Remote Support >> 16.1.4 Security Vulnerabilities
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
Known exploited
CVSS Score
6.6
EPSS Score
0.058
Published
2024-12-18
CVE-2024-12356
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
Known exploited
CVSS Score
9.8
EPSS Score
0.937
Published
2024-12-17
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
CVSS Score
7.8
EPSS Score
0.001
Published
2017-10-26