Vendor scorecard
BeyondTrust
BeyondTrust security disclosure record — CVE volume, CVSS severity mix and product-category breakdown, sourced from the NIST NVD.
CPE: beyondtrust
Product families
1
Open in latest
5
Inferred — see methodology
Last disclosure
Feb 6, 2026
01
Product categories
1 trackedCVE volume, severity mix and the inferred latest shipping version per category.
| Category | CVEs | Volume | Severity mix | Open | Inferred latest |
|---|---|---|---|---|---|
| Privileged Remote Access / PAMSecure Remote Access / VPN · Identity & Access Managementprivileged_remote_access, remote_support, privilege_management_for_windows | 24 | 5 | 2023-07-14MED |
02
Recent CVEs
12 shownMost recently published, newest first. Each ID links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-1731(opens NVD record) | Critical | 9.8 | BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user. | Feb 6, 2026 |
| CVE-2025-6250(opens NVD record) | Medium | 6.7 | Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions. | Jul 28, 2025 |
| CVE-2025-2297(opens NVD record) | High | 7.8 | Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator. | Jul 28, 2025 |
| CVE-2025-5309(opens NVD record) | Critical | 9.8 | The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution. | Jun 16, 2025 |
| CVE-2025-0217(opens NVD record) | High | 7.8 | BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions. | May 5, 2025 |
| CVE-2025-0889(opens NVD record) | High | 7.8 | Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process. | Feb 26, 2025 |
| CVE-2024-12686(opens NVD record) | Medium | 6.6 | A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. | Dec 18, 2024 |
| CVE-2024-12356(opens NVD record) | Critical | 9.8 | A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. | Dec 17, 2024 |
| CVE-2024-25083(opens NVD record) | Medium | 6.3 | An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges. | Feb 16, 2024 |
| CVE-2024-1591(opens NVD record) | Low | 3.3 | Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues. | Feb 16, 2024 |
| CVE-2023-49944(opens NVD record) | Medium | 6.7 | The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature. | Dec 25, 2023 |
| CVE-2020-28369(opens NVD record) | High | 7.8 | In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp. | Dec 12, 2023 |
19 CVEs · 1 product families