Unrated severityCISA KEVNVD Advisory· Published Dec 17, 2024· Updated Oct 21, 2025
Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)
CVE-2024-12356
Description
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 0
- Range: 0
Patches
Vulnerability mechanics
References
3News mentions
1- Exploits and vulnerabilities in Q1 2026Securelist · May 7, 2026