Local Authentication Bypass in BeyondTrust Privileged Remote Access
CVE-2023-23632
7.8 HIGH
What is CVE-2023-23632?
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x through 22.4.x are affected by a vulnerability that allows attackers to bypass local authentication. The weakness lies in the secret verification mechanism used for BYOT shell jump sessions: the check can be satisfied by guessing only the first character of the secret, so an unauthorized user can gain access to jump items. This poses a significant risk to the sensitive information and systems managed through the PRA service.
CVSS v3.1
Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged