CVE-2025-5309

🗓️ 16 Jun 2025 16:06:14Reported by BTType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 59 Views

Chat feature in Remote Support and Privileged Remote Access vulnerable to server-side template injection.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2025-5309	16 Jun 202517:15	–	attackerkb
Tenable Nessus	BeyondTrust Remote Support (RS) 24.2.2 < 24.3.3 Server-Side Template Injection	19 Jun 202500:00	–	nessus
Circl	CVE-2025-5309	16 Jun 202516:25	–	circl
CNNVD	BeyondTrust Remote Support和BeyondTrust Privileged Remote Access 安全漏洞	16 Jun 202500:00	–	cnnvd
Cvelist	CVE-2025-5309 Remote Support & Privileged Remote Access server side template injection	16 Jun 202516:06	–	cvelist
EUVD	EUVD-2025-18420	3 Oct 202520:07	–	euvd
NVD	CVE-2025-5309	16 Jun 202517:15	–	nvd
OSV	CVE-2025-5309	16 Jun 202517:15	–	osv
Positive Technologies	PT-2025-25569 · Unknown · Privileged Remote Access +1	16 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-5309	18 Jun 202516:17	–	redhatcve

NVD

Node

beyondtrust privileged_remote_accessRange24.2.2–24.2.4

beyondtrust privileged_remote_accessRange24.3.1–24.3.4

beyondtrust privileged_remote_accessMatch25.1.1

beyondtrust remote_supportRange24.2.2–24.2.4

beyondtrust remote_supportRange24.3.1–24.3.4

beyondtrust remote_supportMatch25.1.1

[
  {
    "defaultStatus": "unaffected",
    "product": "Remote support & Privileged Remote Access",
    "vendor": "BeyondTrust",
    "versions": [
      {
        "lessThanOrEqual": "24.2.4",
        "status": "affected",
        "version": "24.2.2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "24.3.3",
        "status": "affected",
        "version": "24.3.1",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "25.1.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Remote Support(RS) & Privileged Remote Access(PRA)",
    "vendor": "BeyondTrust",
    "versions": [
      {
        "lessThanOrEqual": "24.2.4",
        "status": "affected",
        "version": "24.2.2",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "24.3.4",
        "status": "affected",
        "version": "24.3.1",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "25.1.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
beyondtrust	www.beyondtrust.com/trust-center/security-advisories/bt25-04

21 Aug 2025 20:36Current

7.7High risk

Vulners AI Score7.7

CVSS 3.19.8

CVSS 48.6

EPSS0.01281

SSVC

CWE-94