CVE-2025-5309
- EPSS 0.25%
- Published 16.06.2025 16:06:14
- Last modified 21.08.2025 20:36:00
The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.
CVE-2024-12686
- EPSS 15.1%
- Published 18.12.2024 21:15:08
- Last modified 14.01.2025 16:10:03
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
CVE-2024-12356
- EPSS 93.69%
- Published 17.12.2024 05:15:06
- Last modified 10.03.2025 20:27:00
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
CVE-2023-4310
- EPSS 1.22%
- Published 05.09.2023 21:15:47
- Last modified 21.11.2024 08:34:49
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of this vulnerability can allow a...
CVE-2017-5996
- EPSS 0.15%
- Published 26.10.2017 18:29:00
- Last modified 20.04.2025 01:37:25
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.