- Description
- BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
- Source
- 13061848-ea10-403d-bd75-c83a022c2891
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 7.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- 13061848-ea10-403d-bd75-c83a022c2891
- CWE-287
- Hype score
- Not currently trending
🚨 CVE-2025-0217 🔴 HIGH (7.3) 🏢 BeyondTrust - Privileged Remote Access 🏗️ 0 🔗 https://t.co/gCZxdueyyw #CyberCron #VulnAlert #InfoSec https://t.co/wXFVC0LZmG
@cybercronai
7 May 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
https://t.co/vFNkdQwQY7 BeyondTrust PRA connection takeover - CVE-2025-0217
@CALIVEDATA
6 May 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
BeyondTrust PRA Vulnerability (CVE-2025-0217) Enables Session Hijacking via Authentication Bypass CVE-2025-0217 flaw in BeyondTrust PRA allows session hijacking via local auth bypass. Upgrade to version 25.1+ to prevent exploitation. https://t.co/AAkAYj37L7
@the_yellow_fall
5 May 2025
292 Impressions
2 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-0217 BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connectio… https://t.co/MOxnjN5jNp
@CVEnew
5 May 2025
253 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes