What is the severity of CVE-2024-12356?

CVE-2024-12356 has a CVSS Base Score of 9.8/10 and is classified as Critical severity. It is important to assess the risk based on your specific environment.

How do I fix CVE-2024-12356?

Remediation typically involves updating the affected software products to the latest patched version. Refer to the 'Affected Products' and 'Remediation' sections on this page for specific mitigation steps and vendor advisories.

Home→Vulnerabilities→CVE-2024-12356

Critical Risk Active Exploitation

CVE-2024-12356

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

Share this vulnerability:

⚠️

Confirmed Active Exploitation

This vulnerability is listed in the CISA KEV Catalog. Federal agencies are mandated to patch immediately. Immediate remediation is required.

Exploitation Probability (EPSS)

Critical Priority

93.78%

The Exploit Prediction Scoring System (EPSS) uses machine learning to estimate the probability that a vulnerability will be exploited in the wild within the next 30 days.

0% (Theoretical)100% (Certainty)