Privileged Remote Access Security Vulnerabilities and Issues — Privileged Remote Access CVE List

Lucene search

BeyondtrustPrivileged Remote Access

5 matches found

CVE•added 2024/12/17 5:15 a.m.•369 views

CVE-2024-12356

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.

9.8CVSS9.7AI score0.93687EPSS

CVE•added 2024/12/18 9:15 p.m.•206 views

CVE-2024-12686

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.

7.2CVSS6.7AI score0.10018EPSS

CVE•added 2025/05/05 5:18 p.m.•42 views

CVE-2025-0217

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.

7.8CVSS6.6AI score0.00027EPSS

CVE•added 2023/09/05 9:15 p.m.•37 views

CVE-2023-4310

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow an unauthenticated remote attacker to execute unde...

9.8CVSS9.5AI score0.01223EPSS

CVE•added 2023/10/12 8:15 p.m.•36 views

CVE-2023-23632

BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the se...

7.8CVSS7.6AI score0.00008EPSS