Statement on CVE 2024-12356 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)

Statement on CVE 2024-12356 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)#

January 30, 2025

Information #

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

Risk #

Not Applicable

Response #

Melissa Data Corporation (“Melissa”) was not impacted by the BeyondTrust Vulnerability as Melissa does not utilize BeyondTrust products for any Melissa commercial web services or products.

Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.

Statement on CVE 2024-12356 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)

Contents

Statement on CVE 2024-12356 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)#

Information#

Risk#

Response#

Information #

Risk #

Response #