CVE-2024-12356
ENISA EUVD: EUVD-2024-50801 ↗
Exploited in the Wild
✓ Confirmed 0-Day
Triaged: March 5, 2026
9 articles
Published: 2024-12-17
EPSS Score
Source: FIRST.org · 2026-05-23
93.86%
probability
This CVE has a 93.86% probability
of being exploited in the next 30 days.
0%
Top 99.9th percentile of all CVEs
100%
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)9.8
CRITICAL
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description
VulnerabilityLookup (CNA)A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
Affected Products
BeyondTrust
Remote Support
0
BeyondTrust
Privileged Remote Access
0
Attack Intelligence
Signal Intelligence
Confidence
85%
EPSS
93.86%
CVSS v3.1
9.8
Mentions
9
Last Seen
Feb 20, 2026
CNA Information
CNA Assigner
BT
CNA Title
Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)
Analyst Note
CVE-2024-12356 shows strong zero-day indicators: published 2024-12-17, actively exploited in the wild with confirmed command injection attacks leading to web shells and backdoors, and CISA issued emergency patching directive (3-day deadline for federal agencies). The timing between publication and active exploitation reports is consistent with zero-day classification, and the severity (CVSS 9.8 critical, unauthenticated RCE) aligns with high-impact zero-day characteristics.
Threat Actors 36
Lazarus Group
apt_group
Information theft and espionage
🇰🇵 KP
APT27
apt_group
Information theft and espionage
🇨🇳 CN
APT 28
apt_group
Information theft and espionage
🇷🇺 RU
EMISSARY PANDA
apt_group
Information theft and espionage
🇨🇳 CN
Harvester
apt_group
Information theft and espionage
Unknown
Hacking Team
apt_group
🇮🇹 IT
Tick
apt_group
Information theft and espionage
🇨🇳 CN
APT3
apt_group
Information theft and espionage
🇨🇳 CN
Infy
apt_group
Information theft and espionage
🇮🇷 IR
Andariel Group
apt_group
🇰🇷 KR
Volt Typhoon
apt_group
Information theft and espionage
🇨🇳 CN
Group 27
apt_group
Information theft and espionage
🇨🇳 CN
TA428
apt_group
Information theft and espionage
🇨🇳 CN
APT42
apt_group
Information theft and espionage
🇮🇷 IR
FamousSparrow
apt_group
Information theft and espionage
🇨🇳 CN
Earth Estries
apt_group
Information theft and espionage
🇨🇳 CN
HAFNIUM
apt_group
Information theft and espionage
🇨🇳 CN
APT-C-27
apt_group
Information theft and espionage
🇸🇾 SY
APT 22
apt_group
Information theft and espionage
🇨🇳 CN
Flax Typhoon
apt_group
Information theft and espionage
🇨🇳 CN
GOBLIN PANDA
apt_group
Information theft and espionage
🇨🇳 CN
APT 6
apt_group
Information theft and espionage
🇨🇳 CN
UNC215
apt_group
Information theft and espionage
🇨🇳 CN
Red Dev 17
apt_group
🇨🇳 CN
Red October
apt_group
🇷🇺 RU
Pat Bear
apt_group
🇸🇾 SY
Operation Digital Eye
apt_group
Information theft and espionage
🇨🇳 CN
Mana Team
apt_group
🇨🇳 CN
Iron Group
apt_group
Information theft and espionage
🇨🇳 CN
BRONZE SPRING
apt_group
Information theft and espionage
🇨🇳 CN
SharpPanda
apt_group
Information theft and espionage
🇨🇳 CN
APT 5
apt_group
Information theft and espionage
🇨🇳 CN
Cyber Alliance
apt_group
🇺🇦 UA
Ukrainian Cyber Alliance
apt_group
🇺🇦 UA
Beijing Group
apt_group
Information theft and espionage
🇨🇳 CN
Storm-0558
apt_group
Information theft and espionage
🇨🇳 CN
Triage Info
Decided atMar 05, 2026
Published DateDec 17, 2024