CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6250 – Privilege Management for Windows - Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-6250
28 Jul 2025 — Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions. Antes de la versión 25.4.270.0, al elevar wmic.exe con un token de administrador completo, el usuario podía detener el servicio Defendpoint, omitiendo así las protecciones antimanipulación. Una vez deshabilitado el servicio,... • https://www.beyondtrust.com/trust-center/security-advisories/bt25-06 • CWE-424: Improper Protection of Alternate Path •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-2297 – Privilege Management for Windows - Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-2297
28 Jul 2025 — Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator. Antes de la versión 25.4.270.0, un atacante autenticado localmente podía manipular los archivos de perfil de usuario para añadir códigos de respuesta de desafío ilegítimos al registro de usuarios local ba... • https://www.beyondtrust.com/trust-center/security-advisories/bt25-05 • CWE-268: Privilege Chaining •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2025-5309 – Remote Support & Privileged Remote Access server side template injection
https://notcve.org/view.php?id=CVE-2025-5309
16 Jun 2025 — The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution. • https://github.com/issamjr/CVE-2025-5309-Scanner • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-0217 – Privileged Remote Access Authentication Bypass
https://notcve.org/view.php?id=CVE-2025-0217
05 May 2025 — BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions. BeyondTrust Privileged Remote Access (PRA) version 24.3 suffers a privileged login takeover vulnerability due to a passwordless ssh tunnel. • https://packetstorm.news/files/id/190853 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0889 – Privilege Management for Windows – Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-0889
26 Feb 2025 — Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process. • https://www.beyondtrust.com/trust-center/security-advisories/bt25-01 • CWE-268: Privilege Chaining •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 0CVE-2024-12686 – BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) OS Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-12686
18 Dec 2024 — A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain an OS command injection vulnerability that can be exploited by an attacker with existing administrative privileges to upload a malicious file. Successful exploitation of this vulnerability can allow a remote attacker to execute unde... • https://nvd.nist.gov/vuln/detail/CVE-2024-12686 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 93%CPEs: 2EXPL: 2CVE-2024-12356 – BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability
https://notcve.org/view.php?id=CVE-2024-12356
17 Dec 2024 — A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) contain a command injection vulnerability, which can allow an unauthenticated attacker to inject commands that are run as a site user. • https://packetstorm.news/files/id/189316 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9110 – Cross-Site Scripting In Privileged Identity
https://notcve.org/view.php?id=CVE-2024-9110
30 Oct 2024 — A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks. Se ha identificado una vulnerabilidad de gravedad media en Privileged Identity que puede permitir a un atacante realizar ataques de Cross Site Scripting reflejado. • https://www.beyondtrust.com/trust-center/security-advisories/bt24-09 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2024-5812 – Smart Rule Overwrite Bypass in BeyondInsight PasswordSafe
https://notcve.org/view.php?id=CVE-2024-5812
11 Jun 2024 — A low severity vulnerability in BIPS has been identified where an attacker with high privileges or a compromised high privilege account can overwrite Read-Only smart rules via a specially crafted API request. Se ha identificado una vulnerabilidad de baja gravedad en BIPS donde un atacante con altos privilegios o una cuenta comprometida con altos privilegios puede sobrescribir reglas inteligentes de solo lectura a través de una solicitud API especialmente manipulada. • https://www.beyondtrust.com/trust-center/security-advisories/bt24-07 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5813 – SSH Private Key Leak in BeyondInsight PasswordSafe
https://notcve.org/view.php?id=CVE-2024-5813
11 Jun 2024 — A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response. Se ha identificado una vulnerabilidad de gravedad media en BIPS donde un atacante autenticado con altos privilegios puede acceder a las claves privadas SSH a través de una fuga de información en la respuesta del servidor. • https://www.beyondtrust.com/trust-center/security-advisories/bt24-08 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •