BeyondTrust Privileged Remote Access Local Authentication Bypass Vulnerability

Vulnerability

A local authentication bypass vulnerability has been identified in BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1. This vulnerability allows a local authenticated attacker to access connection details of a ShellJump session initiated with external tools, potentially leading to unauthorized access to connected sessions.

Impact

Exploitation of this vulnerability could allow unauthorized access to ShellJump sessions, enabling an attacker to view and potentially interact with those sessions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

0.6

exploitability

4.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

BeyondTrust Privileged Remote Access Local Authentication Bypass Vulnerability

Vulnerability

Impact

Affected Products

BeyondTrust Privileged Remote Access

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating