BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that could allow unauthenticated attackers to gain remote code execution on vulnerable servers.
Remote Support is BeyondTrust's enterprise-grade remote support solution, which helps troubleshooting teams by connecting IT staff with remote systems and devices, while Privileged Remote Access acts as a secure gateway that ensures users can access only the specific systems and resources they are authorized to use.
Tracked as CVE-2025-5309, the flaw is a server-side template injection vulnerability discovered by Jorren Geurts of Resillion in the chat feature of BeyondTrust RS/PRA.
“The Remote Support and Privileged Remote Access components do not properly escape input intended for template engines, leading to a potential template injection vulnerability,” the company explained in Monday's advisory.
“This flaw may allow an attacker to execute arbitrary code in the context of the server. Notably, in the case of Remote Support, exploitation does not require authentication.”
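The advisory's wording, input "intended for template engines" that is not escaped, describes the general server-side template injection pattern: untrusted text becomes part of the template source instead of being passed to the engine as a plain value. The following is an added illustration, not code from BeyondTrust, the advisory or the researcher; it uses a deliberately tiny substitution-only template engine (no expression evaluation) and a constructed render context so that it runs offline. The `site.api_key` value, the chat message format and the function names are all constructed for the example and are not BeyondTrust identifiers.

```python
import re
from typing import Any, Mapping

# Toy template syntax: {{ dotted.name }} is replaced by a lookup in the render context.
TAG = re.compile(r"\{\{\s*([A-Za-z_][\w.]*)\s*\}\}")


def _lookup(path: str, context: Mapping[str, Any]) -> Any:
    """Resolve a dotted path such as 'site.name' against nested mappings/objects."""
    value: Any = context
    for part in path.split("."):
        value = value[part] if isinstance(value, Mapping) else getattr(value, part)
    return value


def render(template_source: str, context: Mapping[str, Any]) -> str:
    """Single-pass substitution: values inserted for a tag are NOT re-scanned for tags."""
    return TAG.sub(lambda m: str(_lookup(m.group(1), context)), template_source)


# Constructed server-side render context standing in for whatever a real
# engine exposes (site settings, the representative handling the chat, ...).
SERVER_CONTEXT: dict[str, Any] = {
    "site": {"name": "support.example.test", "api_key": "CONSTRUCTED-SECRET-KEY"},
    "rep": {"name": "Alice"},
}


def render_chat_vulnerable(user_message: str) -> str:
    # BUG (the SSTI pattern): the visitor's chat text is spliced into the
    # template SOURCE, so any {{ ... }} the visitor types is interpreted by the
    # engine with access to the server-side context.
    template_source = "[{{ site.name }}] {{ rep.name }} received: " + user_message
    return render(template_source, SERVER_CONTEXT)


def render_chat_hardened(user_message: str) -> str:
    # Fix: the template source is a fixed string under the developer's control;
    # the visitor's text only ever enters as a VALUE in the context, so tag-like
    # characters in it are rendered literally and never interpreted.
    template_source = "[{{ site.name }}] {{ rep.name }} received: {{ message }}"
    return render(template_source, {**SERVER_CONTEXT, "message": user_message})


def looks_like_template_injection(user_message: str) -> bool:
    """Defensive telemetry hook: flag chat text carrying template syntax for review.

    Legitimate users rarely type {{ }} into a support chat, so logging such
    messages is a cheap detection signal while a patch is being rolled out.
    """
    return TAG.search(user_message) is not None


if __name__ == "__main__":
    probe = "{{ site.api_key }}"
    print("vulnerable:", render_chat_vulnerable(probe))   # leaks the context value
    print("hardened:  ", render_chat_hardened(probe))     # echoes the text literally
    print("flagged:   ", looks_like_template_injection(probe))
```

The point the example makes is structural: whether an engine can be abused depends on whether untrusted input can ever reach the parser as template source. Escaping the tag delimiters before concatenation is a second-best fix; keeping the template fixed and passing input as data removes the problem class entirely, which is the property to check for in any code path (chat, e-mail notification, error page) that renders user-supplied text.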
BeyondTrust patched all RS/PRA cloud systems by June 16, 2025, and has advised on-premises customers to apply the patch manually if they have not enabled automatic updates.
Administrators who cannot deploy the security patch immediately can reduce the risk of exploitation of CVE-2025-5309 by enabling SAML authentication for the public portal. They should also require the use of session keys by disabling the representative list and the survey as ways to start a session.
| Product | Fixed version |
| --- | --- |
| Remote Support | 24.2.2 to 24.2.4 with HELP-10826-2 patch |
| Remote Support | 24.3.1 to 24.3.3 with HELP-10826-2 patch |
| Remote Support | 24.3.4 and any future 24.3.x releases |
| Privileged Remote Access | 24.2.2 to 24.2.4 with HELP-10826-2 patch |
| Privileged Remote Access | 24.3.1 to 24.3.3 with HELP-10826-2 patch |
| Privileged Remote Access | 25.1.1 with HELP-10826-1 patch |
| Privileged Remote Access | 25.1.2 and above |
While the company did not say that this vulnerability has been exploited in the wild, other BeyondTrust RS/PRA security flaws have been targeted in attacks in recent years.
Most recently, the company revealed in early December that attackers had breached its systems using two RS/PRA zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a PostgreSQL zero-day (CVE-2025-1094). The attackers also stole an API key during the breach, which was used to compromise 17 Remote Support SaaS instances.
Less than a month later, the US Treasury Department revealed that its network had been hacked, an incident later attributed to Chinese state-backed hackers tracked as Silk Typhoon.
The Chinese hackers targeted the Office of Foreign Assets Control (OFAC), which administers trade and economic sanctions programs, and the Committee on Foreign Investment in the United States (CFIUS), which reviews foreign investments for national security risks.
Silk Typhoon is believed to have accessed the Treasury's BeyondTrust instance to steal unclassified information about potential sanctions and other similarly sensitive documents.
CISA added CVE-2024-12356 to its Known Exploited Vulnerabilities catalog on December 19, ordering US federal agencies to secure their networks within a week, by January 13.
BeyondTrust provides identity security services to over 20,000 customers in more than 100 countries, including 75% of Fortune 100 companies.