CVE-2025-5309

High CVSS: 8.6

The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.

Vendor

Beyondtrust

Product

Privileged Remote Access

CWE

CWE-94

Yayın Tarihi

2025-06-16 17:15:29

Güncelleme

2025-08-21 20:36:00

Source Identifier

13061848-ea10-403d-bd75-c83a022c2891

KEV Date Added

Kategoriler

CWE-94 Privileged Remote Access HIGH Beyondtrust 2025

Referanslar

https://www.beyondtrust.com/trust-center/security-advisories/bt25-04

Benzer Kayıtlar

Critical

CVE-2026-1731

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-auth…

High

CVE-2025-2297

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challe…

High

CVE-2025-6250

Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypass…

High

CVE-2025-0217

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A loc…

High

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows i…