A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
https://www.cve.org/CVERecord?id=CVE-2024-12356
https://nvd.nist.gov/vuln/detail/CVE-2024-12356
https://www.beyondtrust.com/trust-center/security-advisories/bt24-10
Description Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file
Description Authentication Bypass vulnerability in Hitachi Ops Center Analyzer on Linux, 64 bit (Hitachi Ops Center Analyzer detail view component),
Description A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow