BeyondTrust Remote Support (RS) <= 24.3.1 Multiple Vulnerabilities

Critical | Nessus Plugin ID 213464

Synopsis

An application running on the remote web server is affected by multiple vulnerabilities.

Description

The version of BeyondTrust Remote Support (RS) running on the remote host is prior to or equal to 24.3.1. It is, therefore, potentially affected by multiple vulnerabilities.

- All BeyondTrust Remote Support (RS) versions contain a command injection vulnerability which can be exploited through a malicious client request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed through a patch available for all supported releases of RS & PRA 22.1.x and higher. (CVE-2024-12356)

- All BeyondTrust Remote Support (RS) versions contain a command injection vulnerability that can be exploited by a user with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute underlying operating system commands within the context of the site user. This issue is fixed through a patch available for all supported releases of RS & PRA 22.1.x and higher. (CVE-2024-12686)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade BeyondTrust Remote Support (RS) according to the vendor advisory.

See Also

https://www.beyondtrust.com/trust-center/security-advisories/bt24-10

https://www.beyondtrust.com/trust-center/security-advisories/bt24-11

http://www.nessus.org/u?2193043d

Plugin Details

Severity: Critical

ID: 213464

File Name: beyondtrust_remote_support_24_3_1.nasl

Version: 1.3

Type: remote

Family: CGI abuses

Published: 1/2/2025

Updated: 1/3/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Critical

Score: 9.2

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2024-12356

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:beyondtrust:remote_support

Required KB Items: Settings/ParanoidReport, installed_sw/BeyondTrust Remote Support

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/16/2024

Vulnerability Publication Date: 12/16/2024

CISA Known Exploited Vulnerability Due Dates: 12/27/2024

Reference Information

CVE: CVE-2024-12356, CVE-2024-12686

IAVA: 2025-A-0004