Server-Side Template Injection Vulnerability in Remote Support and Privileged Remote Access by BeyondTrust
CVE-2025-5309
Key Information:
- Vendor: BeyondTrust
- CVE Published: 16 June 2025
What is CVE-2025-5309?
CVE-2025-5309 is a severe vulnerability in the chat feature of BeyondTrust's Remote Support (RS) and Privileged Remote Access (PRA) products. It is classified as a Server-Side Template Injection (SSTI): the application passes untrusted input through a server-side template engine, which then interprets template syntax in that input as code rather than as data. An attacker who exploits the flaw can potentially execute arbitrary code on the server, compromising the integrity and confidentiality of the system. RS and PRA exist to give IT administrators secure remote support and access so they can assist users and manage resources; a compromise of these products can therefore hand an attacker a foothold in an organization's network, with severe security repercussions.
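To make the data-versus-code boundary concrete, here is an added illustration that is not BeyondTrust's code and does not reflect whichever template engine the affected products use: a toy engine that evaluates only arithmetic, a chat-line renderer that wrongly builds the template from the message beside the corrected form that passes the message in as context data, and a log-side heuristic a defender can run over chat transcripts.

```python
"""Toy template engine illustrating the SSTI data/code boundary (added example)."""
import ast
import operator
import re

# The toy engine evaluates only + - * inside {{ ... }}. A production engine
# (Jinja2, Twig, FreeMarker, ...) exposes far more, which is why SSTI in a real
# product typically escalates to remote code execution.
_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul}
_EXPR = re.compile(r"\{\{\s*(.*?)\s*\}\}")


def _eval(node, ctx):
    if isinstance(node, ast.Expression):
        return _eval(node.body, ctx)
    if isinstance(node, ast.Constant):
        return node.value
    if isinstance(node, ast.Name):          # variable lookup in the render context
        return ctx[node.id]
    if isinstance(node, ast.BinOp) and type(node.op) in _OPS:
        return _OPS[type(node.op)](_eval(node.left, ctx), _eval(node.right, ctx))
    raise ValueError("unsupported expression")


def render(template, ctx):
    """Replace each {{ expr }} in TEMPLATE with the evaluated expression (single pass)."""
    return _EXPR.sub(lambda m: str(_eval(ast.parse(m.group(1), mode="eval"), ctx)), template)


def vulnerable_chat_line(user, message):
    # BUG: the untrusted message is concatenated INTO the template string, so any
    # {{ ... }} it carries is interpreted by the engine instead of shown verbatim.
    return render("[" + user + "] " + message, {})


def safe_chat_line(user, message):
    # FIX: the template is a fixed string; untrusted values enter only as context
    # data, so template syntax inside them is rendered literally.
    return render("[{{ user }}] {{ message }}", {"user": user, "message": message})


def looks_like_template_probe(message):
    """Detection heuristic for chat logs: flag messages carrying common template delimiters."""
    return bool(re.search(r"\{\{.*?\}\}|\{%.*?%\}|\$\{.*?\}|<%.*?%>", message))
```

The constructed chat message `{{7*7}}` renders as `49` through the vulnerable path and stays literal through the fixed one; the detection helper is a triage aid, not a substitute for patching.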
Potential impact of CVE-2025-5309
- Remote Code Execution: The inherent nature of SSTI vulnerabilities allows attackers to execute arbitrary code on the server. This could lead to unauthorized access, data manipulation, or service disruptions, emphasizing the criticality of this vulnerability.
- Compromise of Sensitive Information: Exploiting this vulnerability may result in a breach of sensitive data, as attackers could access confidential user information, configuration details, or security credentials, potentially facilitating further attacks.
- Increased Attack Surface: The vulnerability may serve as an entry point for larger-scale attacks within an organization's infrastructure. Once exploited, it could allow attackers to pivot to other systems, leading to a broader compromise and escalating risk to the entire network.
Affected Version(s)
- Remote Support & Privileged Remote Access 24.2.2 through 24.2.4
- Remote Support & Privileged Remote Access 24.3.1 through 24.3.3
- Remote Support & Privileged Remote Access 25.1.1
News Articles

BeyondTrust Tools RCE Vulnerability Allows Attackers Execute Arbitrary Code
A newly disclosed vulnerability in BeyondTrust’s Remote Support (RS) and Privileged Remote Access (PRA) products has raised alarms across the cybersecurity community.
Timeline
- 👾 Exploit known to exist
- 📰 First article discovered by GBHackers News
- Vulnerability published
- Vulnerability Reserved