Statement on CVE 2024-12686 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

Statement on CVE 2024-12686 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)#

January 30, 2025

Information #

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

Risk #

Not Applicable

Response #

Melissa Data Corporation (“Melissa”) was not impacted by the BeyondTrust Vulnerability as Melissa does not utilize BeyondTrust products for any Melissa commercial web services or products.

Melissa will continue to follow all guidance provided for this vulnerability as necessary to prevent any future risks.

Statement on CVE 2024-12686 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)

Contents

Statement on CVE 2024-12686 BeyondTrust Command Injection Vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)#

Information#

Risk#

Response#

Information #

Risk #

Response #