# CVE-2024-12686

> A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

- **CVSS:** 6.6 (MEDIUM)
- **EPSS:** 33.4%
- **CISA KEV:** yes
- **CWE:** CWE-78

Canonical: https://intel.threadlinqs.com/cve/CVE-2024-12686
Full threat coverage + IOCs via the Threadlinqs MCP server (Purple tier): https://intel.threadlinqs.com/mcp