Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    75 vulnerabilities by beyondtrust

    CVE-2026-40141 (GCVE-0-2026-40141)

    Vulnerability from nvd – Published: 2026-07-06 16:13 – Updated: 2026-07-07 14:56
    VLAI
    Title
    High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-943 - Improper Neutralization of Special Elements in Data Query Logic
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote Support Affected: 0 , ≤ 25.3.2 (custom)
    Create a notification for this product.
    BeyondTrust Privilege Remote Access Affected: 0 , ≤ 25.3.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T18:55:59.570650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T18:56:11.968Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cp\u003e\u003cspan\u003e\u003cspan\u003eA high-severity vulnerability exists in a web application \u003c/span\u003e\u003cspan\u003ecomponent\u003c/span\u003e\u003cspan\u003e of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support and Privileged Remote Access related to the processing of certain input parameters.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eInsufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions. \u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters.\u00a0Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-943",
                  "description": "CWE-943 Improper Neutralization of Special Elements in Data Query Logic",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T14:56:42.895Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40141",
        "datePublished": "2026-07-06T16:13:42.284Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T14:56:42.895Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40140 (GCVE-0-2026-40140)

    Vulnerability from nvd – Published: 2026-07-06 16:13 – Updated: 2026-07-07 15:01
    VLAI
    Title
    High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T18:55:25.321625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T18:55:46.474Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003e\u003cspan\u003eBeyondTrust Remote Support and Privileged Remote Access \u003c/span\u003e\u003cspan\u003econtain\u003c/span\u003e\u003cspan\u003e \u003c/span\u003e\u003cspan\u003ea high\u003c/span\u003e\u003cspan\u003e-severity pre-authentication vulnerability in the network communication subsystem.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eInsufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability."
                }
              ],
              "value": "BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem.\u00a0Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-124",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-124 Shared Resource Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T15:01:24.511Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40140",
        "datePublished": "2026-07-06T16:13:22.126Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T15:01:24.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40139 (GCVE-0-2026-40139)

    Vulnerability from nvd – Published: 2026-07-06 16:13 – Updated: 2026-07-07 15:00
    VLAI
    Title
    Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40139",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-07T03:56:31.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003e\u003cspan\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eImproper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
                }
              ],
              "value": "A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.\u00a0Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T15:00:13.079Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40139",
        "datePublished": "2026-07-06T16:13:02.413Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T15:00:13.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40138 (GCVE-0-2026-40138)

    Vulnerability from nvd – Published: 2026-07-06 16:12 – Updated: 2026-07-07 14:59
    VLAI
    Title
    Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-07T03:56:32.836Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T14:59:19.946Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40138",
        "datePublished": "2026-07-06T16:12:42.627Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T14:59:19.946Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1731 (GCVE-0-2026-1731)

    Vulnerability from nvd – Published: 2026-02-06 21:49 – Updated: 2026-02-26 15:04
    VLAI CISA ENISA KEVIntel
    Title
    Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
    Summary
    BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) Affected: 0 , ≤ RS 25.3.1 (custom)
    Affected: 0 , ≤ PRA 24.3.4 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1731",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-14T04:55:25.328322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-02-13",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:15.451Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/win3zz/CVE-2026-1731"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731"
              },
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-13T00:00:00.000Z",
                "value": "CVE-2026-1731 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "RS 25.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "PRA 24.3.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T21:49:20.844Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article\u0026sysparm_article=KB0023293"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-02"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-1731",
        "datePublished": "2026-02-06T21:49:20.844Z",
        "dateReserved": "2026-01-31T23:54:56.922Z",
        "dateUpdated": "2026-02-26T15:04:15.451Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1232 (GCVE-0-2026-1232)

    Vulnerability from nvd – Published: 2026-02-02 16:18 – Updated: 2026-02-02 16:35
    VLAI
    Title
    Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
    Summary
    A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:35:19.653452Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:35:48.876Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Privilege management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions \u0026lt;=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product\u2019s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.\u003c/span\u003e"
                }
              ],
              "value": "A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions \u003c=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product\u2019s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-02T16:18:47.242Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-01"
            },
            {
              "url": "https://beyondtrustcorp.service-now.com/csm?id=kb_article_view\u0026sysparm_article=KB0023100"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-1232",
        "datePublished": "2026-02-02T16:18:47.242Z",
        "dateReserved": "2026-01-20T15:30:42.757Z",
        "dateUpdated": "2026-02-02T16:35:48.876Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6250 (GCVE-0-2025-6250)

    Vulnerability from nvd – Published: 2025-07-28 15:40 – Updated: 2025-07-28 17:22
    VLAI
    Title
    Privilege Management for Windows - Elevation of Privilege
    Summary
    Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privilege Management for Windows Affected: 0 , < <25.4.270 (cpe)
    Create a notification for this product.
    Credits
    MSG Systems AG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6250",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-28T17:22:35.364250Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-28T17:22:45.226Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "\u003c25.4.270",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "MSG Systems AG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.\u0026nbsp;"
                }
              ],
              "value": "Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-424",
                  "description": "CWE-424",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-28T15:40:28.381Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-06"
            }
          ],
          "source": {
            "advisory": "bt25-06",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows - Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-6250",
        "datePublished": "2025-07-28T15:40:28.381Z",
        "dateReserved": "2025-06-18T18:48:28.860Z",
        "dateUpdated": "2025-07-28T17:22:45.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-2297 (GCVE-0-2025-2297)

    Vulnerability from nvd – Published: 2025-07-28 15:40 – Updated: 2025-07-28 17:22
    VLAI
    Title
    Privilege Management for Windows - Elevation of Privilege
    Summary
    Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privilege Management for Windows Affected: 0 , < <25.4.270 (cpe)
    Create a notification for this product.
    Credits
    Lukasz Piotrowski Marius Kotlarz
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-2297",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-28T17:22:05.722414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-28T17:22:18.590Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "\u003c25.4.270",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Lukasz Piotrowski"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Marius Kotlarz"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.\u003cbr\u003e"
                }
              ],
              "value": "Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "CWE-268",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-28T15:40:14.633Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-05"
            }
          ],
          "source": {
            "advisory": "BT25-05",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows - Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-2297",
        "datePublished": "2025-07-28T15:40:14.633Z",
        "dateReserved": "2025-03-13T21:22:29.654Z",
        "dateUpdated": "2025-07-28T17:22:18.590Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5309 (GCVE-0-2025-5309)

    Vulnerability from nvd – Published: 2025-06-16 16:06 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Remote Support & Privileged Remote Access server side template injection
    Summary
    The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote support & Privileged Remote Access Affected: 24.2.2 , ≤ 24.2.4 (custom)
    Affected: 24.3.1 , ≤ 24.3.3 (custom)
    Affected: 25.1.1 (custom)
    Create a notification for this product.
    BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) Affected: 24.2.2 , ≤ 24.2.4 (custom)
    Affected: 24.3.1 , ≤ 24.3.4 (custom)
    Affected: 25.1.1 (custom)
    Create a notification for this product.
    Credits
    Jorren Geurts of Resillion
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5309",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-19T03:55:07.428165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:35.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote support \u0026 Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.2.4",
                  "status": "affected",
                  "version": "24.2.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "24.3.3",
                  "status": "affected",
                  "version": "24.3.1",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "25.1.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.2.4",
                  "status": "affected",
                  "version": "24.2.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "24.3.4",
                  "status": "affected",
                  "version": "24.3.1",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "25.1.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jorren Geurts of Resillion"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-16T23:11:53.479Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-04"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Remote Support \u0026 Privileged Remote Access server side template injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-5309",
        "datePublished": "2025-06-16T16:06:14.413Z",
        "dateReserved": "2025-05-28T17:50:50.656Z",
        "dateUpdated": "2026-02-26T17:50:35.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0217 (GCVE-0-2025-0217)

    Vulnerability from nvd – Published: 2025-05-05 17:00 – Updated: 2025-11-03 19:35
    VLAI
    Title
    Privileged Remote Access Authentication Bypass
    Summary
    BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privileged Remote Access Affected: 0 , < 25.1.1 (custom)
    Create a notification for this product.
    Credits
    Paul Szabo of the University of Sydney
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-05T17:14:56.030570Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:15:02.220Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:35:05.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2025/May/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "25.1.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Paul Szabo of the University of Sydney"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions."
                }
              ],
              "value": "BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-05T17:00:05.244Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Privileged Remote Access Authentication Bypass",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-0217",
        "datePublished": "2025-05-05T17:00:05.244Z",
        "dateReserved": "2025-01-03T22:06:31.577Z",
        "dateUpdated": "2025-11-03T19:35:05.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0889 (GCVE-0-2025-0889)

    Vulnerability from nvd – Published: 2025-02-26 01:41 – Updated: 2025-02-26 15:43
    VLAI
    Title
    Privilege Management for Windows – Elevation of Privilege
    Summary
    Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0889",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T14:46:53.686658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:43:14.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "25.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.\u0026nbsp;"
                }
              ],
              "value": "Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "CWE-268",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-26T01:41:25.407Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-01"
            }
          ],
          "source": {
            "advisory": "https://www.beyondtrust.com/trust-center/security-advisories/bt2",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows \u2013 Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-0889",
        "datePublished": "2025-02-26T01:41:25.407Z",
        "dateReserved": "2025-01-30T17:52:42.202Z",
        "dateUpdated": "2025-02-26T15:43:14.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12686 (GCVE-0-2024-12686)

    Vulnerability from nvd – Published: 2024-12-18 20:23 – Updated: 2025-10-21 22:55
    VLAI CISA KEVIntel
    Title
    Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)
    Summary
    A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    BT
    Impacted products
    Date Public
    2024-12-18 19:41
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12686",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-13T15:32:45.601180Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-01-13",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:34.086Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-01-13T00:00:00.000Z",
                "value": "CVE-2024-12686 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-12-18T19:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-18T20:23:57.909Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12686"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-11"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Command Injection vulnerability in Remote Support(RS) \u0026 Privilege Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-12686",
        "datePublished": "2024-12-18T20:23:57.909Z",
        "dateReserved": "2024-12-16T18:58:57.921Z",
        "dateUpdated": "2025-10-21T22:55:34.086Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12356 (GCVE-0-2024-12356)

    Vulnerability from nvd – Published: 2024-12-17 04:29 – Updated: 2025-10-21 22:55
    VLAI CISA KEVIntel
    Title
    Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)
    Summary
    A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    BT
    Impacted products
    Date Public
    2024-12-17 04:28
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12356",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-19T18:04:49.357119Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2024-12-19",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:34.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2024-12-19T00:00:00.000Z",
                "value": "CVE-2024-12356 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-17T20:34:17.077Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-12-17T04:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-29T19:35:07.022Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"
            },
            {
              "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Command Injection Vulnerability in Remote Support(RS) \u0026 Privileged Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-12356",
        "datePublished": "2024-12-17T04:29:07.883Z",
        "dateReserved": "2024-12-08T18:31:21.494Z",
        "dateUpdated": "2025-10-21T22:55:34.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9110 (GCVE-0-2024-9110)

    Vulnerability from nvd – Published: 2024-10-30 16:57 – Updated: 2024-11-01 19:39
    VLAI
    Title
    Cross-Site Scripting In Privileged Identity
    Summary
    A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privileged Identity Affected: 0 , < 7.4.2 (custom)
    Create a notification for this product.
    beyondtrust privileged_identity Affected: 0 , < 7.4.2 (custom)
        cpe:2.3:a:beyondtrust:privileged_identity:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-30 16:32
    Credits
    Jonathan Birch (jobirch@exchange.microsoft.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:beyondtrust:privileged_identity:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "privileged_identity",
                "vendor": "beyondtrust",
                "versions": [
                  {
                    "lessThan": "7.4.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9110",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-30T17:26:50.357222Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-30T17:32:37.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Identity",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "7.4.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jonathan Birch (jobirch@exchange.microsoft.com)"
            }
          ],
          "datePublic": "2024-10-30T16:32:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks."
                }
              ],
              "value": "A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-01T19:39:41.922Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-09"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Cross-Site Scripting In Privileged Identity",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-9110",
        "datePublished": "2024-10-30T16:57:39.549Z",
        "dateReserved": "2024-09-23T17:45:22.394Z",
        "dateUpdated": "2024-11-01T19:39:41.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-5813 (GCVE-0-2024-5813)

    Vulnerability from nvd – Published: 2024-06-11 15:34 – Updated: 2024-08-01 21:25
    VLAI
    Title
    SSH Private Key Leak in BeyondInsight PasswordSafe
    Summary
    A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust BeyondInsight PasswordSafe Affected: 23.3 , < 23.3.0.929 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-5813",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T16:51:05.940606Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T16:51:18.689Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T21:25:02.822Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "BeyondInsight PasswordSafe",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "23.3.0.929",
                  "status": "affected",
                  "version": "23.3",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eA medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response.\u003cbr\u003e\u003c/p\u003e"
                }
              ],
              "value": "A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-410",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-410 Information Elicitation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-06-11T15:34:57.818Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-08"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "SSH Private Key Leak in BeyondInsight PasswordSafe",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-5813",
        "datePublished": "2024-06-11T15:34:57.818Z",
        "dateReserved": "2024-06-10T19:32:51.897Z",
        "dateUpdated": "2024-08-01T21:25:02.822Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2026-40141 (GCVE-0-2026-40141)

    Vulnerability from cvelistv5 – Published: 2026-07-06 16:13 – Updated: 2026-07-07 14:56
    VLAI
    Title
    High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-943 - Improper Neutralization of Special Elements in Data Query Logic
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote Support Affected: 0 , ≤ 25.3.2 (custom)
    Create a notification for this product.
    BeyondTrust Privilege Remote Access Affected: 0 , ≤ 25.3.2 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40141",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T18:55:59.570650Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T18:56:11.968Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cp\u003e\u003cspan\u003e\u003cspan\u003eA high-severity vulnerability exists in a web application \u003c/span\u003e\u003cspan\u003ecomponent\u003c/span\u003e\u003cspan\u003e of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support and Privileged Remote Access related to the processing of certain input parameters.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eInsufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions. \u003c/p\u003e\u003c/div\u003e"
                }
              ],
              "value": "A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters.\u00a0Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-66",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-66 SQL Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-943",
                  "description": "CWE-943 Improper Neutralization of Special Elements in Data Query Logic",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T14:56:42.895Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40141",
        "datePublished": "2026-07-06T16:13:42.284Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T14:56:42.895Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40140 (GCVE-0-2026-40140)

    Vulnerability from cvelistv5 – Published: 2026-07-06 16:13 – Updated: 2026-07-07 15:01
    VLAI
    Title
    High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40140",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T18:55:25.321625Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-06T18:55:46.474Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003e\u003cspan\u003eBeyondTrust Remote Support and Privileged Remote Access \u003c/span\u003e\u003cspan\u003econtain\u003c/span\u003e\u003cspan\u003e \u003c/span\u003e\u003cspan\u003ea high\u003c/span\u003e\u003cspan\u003e-severity pre-authentication vulnerability in the network communication subsystem.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eInsufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability."
                }
              ],
              "value": "BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem.\u00a0Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-124",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-124 Shared Resource Manipulation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.7,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-400",
                  "description": "CWE-400 Uncontrolled Resource Consumption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T15:01:24.511Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40140",
        "datePublished": "2026-07-06T16:13:22.126Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T15:01:24.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40139 (GCVE-0-2026-40139)

    Vulnerability from cvelistv5 – Published: 2026-07-06 16:13 – Updated: 2026-07-07 15:00
    VLAI
    Title
    Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40139",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-07T03:56:31.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan\u003e\u003cspan\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eImproper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
                }
              ],
              "value": "A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.\u00a0Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T15:00:13.079Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40139",
        "datePublished": "2026-07-06T16:13:02.413Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T15:00:13.079Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-40138 (GCVE-0-2026-40138)

    Vulnerability from cvelistv5 – Published: 2026-07-06 16:12 – Updated: 2026-07-07 14:59
    VLAI
    Title
    Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
    Summary
    A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-40138",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-07-06T00:00:00+00:00",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-07-07T03:56:32.836Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.3.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cdiv\u003e\u003cdiv\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled\u003c/div\u003e\u003c/div\u003e"
                }
              ],
              "value": "A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "NETWORK",
                "baseScore": 9.2,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-07-07T14:59:19.946Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-40138",
        "datePublished": "2026-07-06T16:12:42.627Z",
        "dateReserved": "2026-04-09T18:36:13.133Z",
        "dateUpdated": "2026-07-07T14:59:19.946Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1731 (GCVE-0-2026-1731)

    Vulnerability from cvelistv5 – Published: 2026-02-06 21:49 – Updated: 2026-02-26 15:04
    VLAI CISA ENISA KEVIntel
    Title
    Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
    Summary
    BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) Affected: 0 , ≤ RS 25.3.1 (custom)
    Affected: 0 , ≤ PRA 24.3.4 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1731",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-14T04:55:25.328322Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2026-02-13",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T15:04:15.451Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "exploit"
                ],
                "url": "https://github.com/win3zz/CVE-2026-1731"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731"
              },
              {
                "tags": [
                  "third-party-advisory"
                ],
                "url": "https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2026-02-13T00:00:00.000Z",
                "value": "CVE-2026-1731 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "RS 25.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "PRA 24.3.4",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 9.9,
                "baseSeverity": "CRITICAL",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "LOW",
                "subConfidentialityImpact": "LOW",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-06T21:49:20.844Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article\u0026sysparm_article=KB0023293"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-02"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-1731",
        "datePublished": "2026-02-06T21:49:20.844Z",
        "dateReserved": "2026-01-31T23:54:56.922Z",
        "dateUpdated": "2026-02-26T15:04:15.451Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-1232 (GCVE-0-2026-1232)

    Vulnerability from cvelistv5 – Published: 2026-02-02 16:18 – Updated: 2026-02-02 16:35
    VLAI
    Title
    Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
    Summary
    A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-1232",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-02T16:35:19.653452Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-02T16:35:48.876Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Privilege management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "25.7",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions \u0026lt;=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product\u2019s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.\u003c/span\u003e"
                }
              ],
              "value": "A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions \u003c=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product\u2019s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-122",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-122 Privilege Abuse"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 6.8,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "LOW",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-02T16:18:47.242Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-01"
            },
            {
              "url": "https://beyondtrustcorp.service-now.com/csm?id=kb_article_view\u0026sysparm_article=KB0023100"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows",
          "x_generator": {
            "engine": "Vulnogram 0.5.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2026-1232",
        "datePublished": "2026-02-02T16:18:47.242Z",
        "dateReserved": "2026-01-20T15:30:42.757Z",
        "dateUpdated": "2026-02-02T16:35:48.876Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-6250 (GCVE-0-2025-6250)

    Vulnerability from cvelistv5 – Published: 2025-07-28 15:40 – Updated: 2025-07-28 17:22
    VLAI
    Title
    Privilege Management for Windows - Elevation of Privilege
    Summary
    Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privilege Management for Windows Affected: 0 , < <25.4.270 (cpe)
    Create a notification for this product.
    Credits
    MSG Systems AG
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-6250",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-28T17:22:35.364250Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-28T17:22:45.226Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "\u003c25.4.270",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "MSG Systems AG"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.\u0026nbsp;"
                }
              ],
              "value": "Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "privilegesRequired": "HIGH",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-424",
                  "description": "CWE-424",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-28T15:40:28.381Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-06"
            }
          ],
          "source": {
            "advisory": "bt25-06",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows - Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-6250",
        "datePublished": "2025-07-28T15:40:28.381Z",
        "dateReserved": "2025-06-18T18:48:28.860Z",
        "dateUpdated": "2025-07-28T17:22:45.226Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-2297 (GCVE-0-2025-2297)

    Vulnerability from cvelistv5 – Published: 2025-07-28 15:40 – Updated: 2025-07-28 17:22
    VLAI
    Title
    Privilege Management for Windows - Elevation of Privilege
    Summary
    Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privilege Management for Windows Affected: 0 , < <25.4.270 (cpe)
    Create a notification for this product.
    Credits
    Lukasz Piotrowski Marius Kotlarz
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-2297",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-07-28T17:22:05.722414Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-07-28T17:22:18.590Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "\u003c25.4.270",
                  "status": "affected",
                  "version": "0",
                  "versionType": "cpe"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Lukasz Piotrowski"
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Marius Kotlarz"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.\u003cbr\u003e"
                }
              ],
              "value": "Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "HIGH",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "CWE-268",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-07-28T15:40:14.633Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-05"
            }
          ],
          "source": {
            "advisory": "BT25-05",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows - Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-2297",
        "datePublished": "2025-07-28T15:40:14.633Z",
        "dateReserved": "2025-03-13T21:22:29.654Z",
        "dateUpdated": "2025-07-28T17:22:18.590Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-5309 (GCVE-0-2025-5309)

    Vulnerability from cvelistv5 – Published: 2025-06-16 16:06 – Updated: 2026-02-26 17:50
    VLAI
    Title
    Remote Support & Privileged Remote Access server side template injection
    Summary
    The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Remote support & Privileged Remote Access Affected: 24.2.2 , ≤ 24.2.4 (custom)
    Affected: 24.3.1 , ≤ 24.3.3 (custom)
    Affected: 25.1.1 (custom)
    Create a notification for this product.
    BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) Affected: 24.2.2 , ≤ 24.2.4 (custom)
    Affected: 24.3.1 , ≤ 24.3.4 (custom)
    Affected: 25.1.1 (custom)
    Create a notification for this product.
    Credits
    Jorren Geurts of Resillion
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-5309",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-19T03:55:07.428165Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-26T17:50:35.531Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote support \u0026 Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.2.4",
                  "status": "affected",
                  "version": "24.2.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "24.3.3",
                  "status": "affected",
                  "version": "24.3.1",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "25.1.1",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.2.4",
                  "status": "affected",
                  "version": "24.2.2",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "24.3.4",
                  "status": "affected",
                  "version": "24.3.1",
                  "versionType": "custom"
                },
                {
                  "status": "affected",
                  "version": "25.1.1",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jorren Geurts of Resillion"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-248",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-248 Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 8.6,
                "baseSeverity": "HIGH",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-16T23:11:53.479Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-04"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Remote Support \u0026 Privileged Remote Access server side template injection",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-5309",
        "datePublished": "2025-06-16T16:06:14.413Z",
        "dateReserved": "2025-05-28T17:50:50.656Z",
        "dateUpdated": "2026-02-26T17:50:35.531Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0217 (GCVE-0-2025-0217)

    Vulnerability from cvelistv5 – Published: 2025-05-05 17:00 – Updated: 2025-11-03 19:35
    VLAI
    Title
    Privileged Remote Access Authentication Bypass
    Summary
    BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privileged Remote Access Affected: 0 , < 25.1.1 (custom)
    Create a notification for this product.
    Credits
    Paul Szabo of the University of Sydney
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0217",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-05T17:14:56.030570Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-05T17:15:02.220Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:35:05.560Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "http://seclists.org/fulldisclosure/2025/May/1"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "25.1.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Paul Szabo of the University of Sydney"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions."
                }
              ],
              "value": "BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-115",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-115 Authentication Bypass"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "HIGH",
                "subConfidentialityImpact": "HIGH",
                "subIntegrityImpact": "HIGH",
                "userInteraction": "ACTIVE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287 Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-05-05T17:00:05.244Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-03"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Privileged Remote Access Authentication Bypass",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-0217",
        "datePublished": "2025-05-05T17:00:05.244Z",
        "dateReserved": "2025-01-03T22:06:31.577Z",
        "dateUpdated": "2025-11-03T19:35:05.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-0889 (GCVE-0-2025-0889)

    Vulnerability from cvelistv5 – Published: 2025-02-26 01:41 – Updated: 2025-02-26 15:43
    VLAI
    Title
    Privilege Management for Windows – Elevation of Privilege
    Summary
    Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-0889",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-26T14:46:53.686658Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-26T15:43:14.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "Windows"
              ],
              "product": "Privilege Management for Windows",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "25.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.\u0026nbsp;"
                }
              ],
              "value": "Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-233",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-233 Privilege Escalation"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "PRESENT",
                "attackVector": "LOCAL",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-268",
                  "description": "CWE-268",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-02-26T01:41:25.407Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt25-01"
            }
          ],
          "source": {
            "advisory": "https://www.beyondtrust.com/trust-center/security-advisories/bt2",
            "discovery": "UNKNOWN"
          },
          "title": "Privilege Management for Windows \u2013 Elevation of Privilege",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2025-0889",
        "datePublished": "2025-02-26T01:41:25.407Z",
        "dateReserved": "2025-01-30T17:52:42.202Z",
        "dateUpdated": "2025-02-26T15:43:14.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12686 (GCVE-0-2024-12686)

    Vulnerability from cvelistv5 – Published: 2024-12-18 20:23 – Updated: 2025-10-21 22:55
    VLAI CISA KEVIntel
    Title
    Command Injection vulnerability in Remote Support(RS) & Privilege Remote Access (PRA)
    Summary
    A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    BT
    Impacted products
    Date Public
    2024-12-18 19:41
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12686",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-13T15:32:45.601180Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-01-13",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:34.086Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12686"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2025-01-13T00:00:00.000Z",
                "value": "CVE-2024-12686 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support(RS) \u0026 Privileged Remote Access(PRA)",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-12-18T19:41:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.6,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-18T20:23:57.909Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12686"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-11"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Command Injection vulnerability in Remote Support(RS) \u0026 Privilege Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-12686",
        "datePublished": "2024-12-18T20:23:57.909Z",
        "dateReserved": "2024-12-16T18:58:57.921Z",
        "dateUpdated": "2025-10-21T22:55:34.086Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12356 (GCVE-0-2024-12356)

    Vulnerability from cvelistv5 – Published: 2024-12-17 04:29 – Updated: 2025-10-21 22:55
    VLAI CISA KEVIntel
    Title
    Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)
    Summary
    A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
    Assigner
    BT
    Impacted products
    Date Public
    2024-12-17 04:28
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12356",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-19T18:04:49.357119Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2024-12-19",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"
                  },
                  "type": "kev"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T22:55:34.239Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-12356"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2024-12-19T00:00:00.000Z",
                "value": "CVE-2024-12356 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2025-02-17T20:34:17.077Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "url": "https://attackerkb.com/topics/G5s8ZWAbYH/cve-2024-12356/rapid7-analysis"
              }
            ],
            "title": "CVE Program Container",
            "x_generator": {
              "engine": "ADPogram 0.0.1"
            }
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Remote Support",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            },
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Remote Access",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThanOrEqual": "24.3.1",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "datePublic": "2024-12-17T04:28:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
                }
              ],
              "value": "A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-88",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-88 OS Command Injection"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-77",
                  "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-01-29T19:35:07.022Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.cve.org/CVERecord?id=CVE-2024-12356"
            },
            {
              "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12356"
            },
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-10"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Command Injection Vulnerability in Remote Support(RS) \u0026 Privileged Remote Access (PRA)",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-12356",
        "datePublished": "2024-12-17T04:29:07.883Z",
        "dateReserved": "2024-12-08T18:31:21.494Z",
        "dateUpdated": "2025-10-21T22:55:34.239Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-9110 (GCVE-0-2024-9110)

    Vulnerability from cvelistv5 – Published: 2024-10-30 16:57 – Updated: 2024-11-01 19:39
    VLAI
    Title
    Cross-Site Scripting In Privileged Identity
    Summary
    A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    BT
    Impacted products
    Vendor Product Version
    BeyondTrust Privileged Identity Affected: 0 , < 7.4.2 (custom)
    Create a notification for this product.
    beyondtrust privileged_identity Affected: 0 , < 7.4.2 (custom)
        cpe:2.3:a:beyondtrust:privileged_identity:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-10-30 16:32
    Credits
    Jonathan Birch (jobirch@exchange.microsoft.com)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:beyondtrust:privileged_identity:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "privileged_identity",
                "vendor": "beyondtrust",
                "versions": [
                  {
                    "lessThan": "7.4.2",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-9110",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-30T17:26:50.357222Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-30T17:32:37.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Privileged Identity",
              "vendor": "BeyondTrust",
              "versions": [
                {
                  "lessThan": "7.4.2",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jonathan Birch (jobirch@exchange.microsoft.com)"
            }
          ],
          "datePublic": "2024-10-30T16:32:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks."
                }
              ],
              "value": "A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 6.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-11-01T19:39:41.922Z",
            "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
            "shortName": "BT"
          },
          "references": [
            {
              "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt24-09"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "Cross-Site Scripting In Privileged Identity",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "assignerShortName": "BT",
        "cveId": "CVE-2024-9110",
        "datePublished": "2024-10-30T16:57:39.549Z",
        "dateReserved": "2024-09-23T17:45:22.394Z",
        "dateUpdated": "2024-11-01T19:39:41.922Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-202101-1926

    Vulnerability from variot - Updated: 2024-07-23 20:13

    Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. Summary:

    Red Hat Ansible Automation Platform Resource Operator 1.2 (technical preview) images that fix several security issues. Description:

    Red Hat Ansible Automation Platform Resource Operator container images with security fixes.

    Ansible Automation Platform manages Ansible Platform jobs and workflows that can interface with any infrastructure on a Red Hat OpenShift Container Platform cluster, or on a traditional infrastructure that is running off-cluster. Solution:

    Before applying this update, make sure all previously released errata relevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):

    1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module 1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values 1916813 - CVE-2021-20191 ansible: multiple modules expose secured values 1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option 1939349 - CVE-2021-3447 ansible: multiple modules expose secured values

    1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    ====================================================================
    Red Hat Security Advisory

    Synopsis: Important: sudo security update Advisory ID: RHSA-2021:0221-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:0221 Issue date: 2021-01-26 CVE Names: CVE-2021-3156 ==================================================================== 1. Summary:

    An update for sudo is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. Description:

    The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

    Security Fix(es):

    • sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    1. Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing

    1. Package List:

    Red Hat Enterprise Linux Client (v. 7):

    Source: sudo-1.8.23-10.el7_9.1.src.rpm

    x86_64: sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux Client Optional (v. 7):

    x86_64: sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode (v. 7):

    Source: sudo-1.8.23-10.el7_9.1.src.rpm

    x86_64: sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    x86_64: sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: sudo-1.8.23-10.el7_9.1.src.rpm

    ppc64: sudo-1.8.23-10.el7_9.1.ppc64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.ppc64.rpm

    ppc64le: sudo-1.8.23-10.el7_9.1.ppc64le.rpm sudo-debuginfo-1.8.23-10.el7_9.1.ppc64le.rpm

    s390x: sudo-1.8.23-10.el7_9.1.s390x.rpm sudo-debuginfo-1.8.23-10.el7_9.1.s390x.rpm

    x86_64: sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64: sudo-debuginfo-1.8.23-10.el7_9.1.ppc.rpm sudo-debuginfo-1.8.23-10.el7_9.1.ppc64.rpm sudo-devel-1.8.23-10.el7_9.1.ppc.rpm sudo-devel-1.8.23-10.el7_9.1.ppc64.rpm

    ppc64le: sudo-debuginfo-1.8.23-10.el7_9.1.ppc64le.rpm sudo-devel-1.8.23-10.el7_9.1.ppc64le.rpm

    s390x: sudo-debuginfo-1.8.23-10.el7_9.1.s390.rpm sudo-debuginfo-1.8.23-10.el7_9.1.s390x.rpm sudo-devel-1.8.23-10.el7_9.1.s390.rpm sudo-devel-1.8.23-10.el7_9.1.s390x.rpm

    x86_64: sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: sudo-1.8.23-10.el7_9.1.src.rpm

    x86_64: sudo-1.8.23-10.el7_9.1.x86_64.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: sudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm sudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm sudo-devel-1.8.23-10.el7_9.1.i686.rpm sudo-devel-1.8.23-10.el7_9.1.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. References:

    https://access.redhat.com/security/cve/CVE-2021-3156 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-002

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iQIVAwUBYBB9QtzjgjWX9erEAQjMkQ/+PUDUX16Tnzqt7l1CsDAkHsT89EyY1keR 5XAlnrEv0nfw+/Feb2zhjlAlGbZSE1pTHOB4WarZzz2edZW5PRDw2SnljPToGoF2 6e4rlxRMJzFzc1WiOl5VgIq2LsOrqE1x3smwx7UGloMNmld/wgNKzFyddlR3ya0/ k78GAgUD2K/riILpeSG9M3jkK6IX/ecAOV8cK4GnmVAyrc/I0ud+wp+AFaQdKOUd DJ08C4ktxCEDZnCMV7X0fheoVB08T2VUPqM3AT0mP8Q07RWElFNAYYzS0/0ABGdd G/bRXDOiP0Qp92gMjWi4zu8JJk1Yyt8vnXII30gr2dd4f/8O0X6N+fntkhpc86N0 mdXrPNBDXC6YJqahqtTH3ZMNWj37kSX5O0QIxRMMySIuPEhLdkF0A4CBGcP1qpaN BQf/nNAvYlkz70QTL91JkUL98X0Ih+O6IAPxT//C90VXwXTb2+XmBBYjA24/gHJn kpv9ZzJfeCSCVoa019u3r/8pkMIfiN69GpO2FQTJCP4MbIJPHeANp2lYEA+KHPqE XJvy0qh3YEs741KxKwzbaMgOTrYsoMvKhVeJZm0t5bpU5Y5TTF9fCVan8uJ8ke6d buQej1iyBUvPq+gMQvJhwiP1Q2rvgxPmHP+L3Awo9tTqm6b7WsqdRq5K+B025v+d NdZXKIPEQVY=7/vM -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . These packages include redhat-release-virtualization-host. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.

    Bug Fix(es):

    • When performing an upgrade of the Red Hat Virtualization Host using the command yum update, the yum repository for RHV 4.3 EUS is unreachable

    As a workaround, run the following command: # yum update --releasever=7Server (BZ#1899378)

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker 1899378 - rhel-7-server-rhvh-4.3-eus-rpms repo is unavailable 1916111 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #3 1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing

    1. ========================================================================== Ubuntu Security Notice USN-4705-2 January 27, 2021

    sudo vulnerability

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 14.04 ESM
    • Ubuntu 12.04 ESM

    Summary:

    Several security issues were fixed in Sudo. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.

    Original advisory details:

    It was discovered that Sudo incorrectly handled memory when parsing command lines. A local attacker could possibly use this issue to obtain unintended access to the administrator account. (CVE-2021-3156)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 14.04 ESM: sudo 1.8.9p5-1ubuntu1.5+esm6

    Ubuntu 12.04 ESM: sudo 1.8.3p1-1ubuntu3.10

    In general, a standard system update will make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64

    3

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202101-1926",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "10.0"
          },
          {
            "model": "tekelec platform distribution",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.7.1"
          },
          {
            "model": "active iq unified manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "ontap tools",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": "9"
          },
          {
            "model": "oncommand unified manager core package",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "micros workstation 6",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "610"
          },
          {
            "model": "micros workstation 6",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "655"
          },
          {
            "model": "communications performance intelligence center",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.4.0.3.1"
          },
          {
            "model": "sudo",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "sudo",
            "version": "1.9.5"
          },
          {
            "model": "micros compact workstation 3",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "310"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "33"
          },
          {
            "model": "hci management node",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "web gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "8.2.17"
          },
          {
            "model": "tekelec platform distribution",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7.4.0"
          },
          {
            "model": "ontap select deploy administration utility",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "privilege management for mac",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "beyondtrust",
            "version": "21.1.1"
          },
          {
            "model": "communications performance intelligence center",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.4.0.1.0"
          },
          {
            "model": "micros workstation 5a",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "5a"
          },
          {
            "model": "sudo",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "sudo",
            "version": "1.9.0"
          },
          {
            "model": "skynas",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": null
          },
          {
            "model": "privilege management for unix\\/linux",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "beyondtrust",
            "version": "10.3.2-10"
          },
          {
            "model": "diskstation manager",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "6.2"
          },
          {
            "model": "diskstation manager unified controller",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": "3.0"
          },
          {
            "model": "communications performance intelligence center",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.3.0.2.1"
          },
          {
            "model": "micros es400",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "400"
          },
          {
            "model": "sudo",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sudo",
            "version": "1.9.5"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "9.0"
          },
          {
            "model": "communications performance intelligence center",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.3.0.0.0"
          },
          {
            "model": "web gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "9.2.8"
          },
          {
            "model": "cloud backup",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "vs960hd",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "synology",
            "version": null
          },
          {
            "model": "micros es400",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "410"
          },
          {
            "model": "micros kitchen display system",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "210"
          },
          {
            "model": "solidfire",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "netapp",
            "version": null
          },
          {
            "model": "sudo",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "sudo",
            "version": "1.8.2"
          },
          {
            "model": "sudo",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sudo",
            "version": "1.8.32"
          },
          {
            "model": "web gateway",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "mcafee",
            "version": "10.0.4"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "32"
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:sudo_project:sudo:1.9.5:patch1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.9.5",
                    "versionStartIncluding": "1.9.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sudo_project:sudo:1.9.5:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "1.8.32",
                    "versionStartIncluding": "1.8.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:8.2.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:9.2.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:mcafee:web_gateway:10.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:synology:diskstation_manager:6.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:synology:diskstation_manager_unified_controller:3.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:synology:skynas_firmware:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:synology:skynas:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:synology:vs960hd:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "21.1.1",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:beyondtrust:privilege_management_for_unix\\/linux:*:*:*:*:basic:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "10.3.2-10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:oracle:micros_compact_workstation_3_firmware:310:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:oracle:micros_compact_workstation_3:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:oracle:micros_es400_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "410",
                        "versionStartIncluding": "400",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:oracle:micros_es400:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:oracle:micros_kitchen_display_system_firmware:210:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:oracle:micros_kitchen_display_system:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:oracle:micros_workstation_5a_firmware:5a:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:oracle:micros_workstation_5a:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:oracle:micros_workstation_6_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "655",
                        "versionStartIncluding": "610",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:oracle:micros_workstation_6:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:tekelec_platform_distribution:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.7.1",
                    "versionStartIncluding": "7.4.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.4.0.3.1",
                    "versionStartIncluding": "10.4.0.1.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:communications_performance_intelligence_center:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "10.3.0.2.1",
                    "versionStartIncluding": "10.3.0.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Red Hat",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          }
        ],
        "trust": 0.5
      },
      "cve": "CVE-2021-3156",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "exploitabilityScore": 3.9,
                "id": "VHN-383931",
                "impactScore": 10.0,
                "integrityImpact": "COMPLETE",
                "severity": "HIGH",
                "trust": 0.1,
                "vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2021-3156",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-383931",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via \"sudoedit -s\" and a command-line argument that ends with a single backslash character. Summary:\n\nRed Hat Ansible Automation Platform Resource Operator 1.2 (technical\npreview) images that fix several security issues. Description:\n\nRed Hat Ansible Automation Platform Resource Operator container images\nwith security fixes. \n\nAnsible Automation Platform manages Ansible Platform jobs and workflows\nthat can interface with any infrastructure on a Red Hat OpenShift Container\nPlatform cluster, or on a traditional infrastructure that is running\noff-cluster. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. Bugs fixed (https://bugzilla.redhat.com/):\n\n1914774 - CVE-2021-20178 ansible: user data leak in snmp_facts module\n1915808 - CVE-2021-20180 ansible module: bitbucket_pipeline_variable exposes secured values\n1916813 - CVE-2021-20191 ansible: multiple modules expose secured values\n1925002 - CVE-2021-20228 ansible: basic.py no_log with fallback option\n1939349 - CVE-2021-3447 ansible: multiple modules expose secured values\n\n5. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n====================================================================                   \nRed Hat Security Advisory\n\nSynopsis:          Important: sudo security update\nAdvisory ID:       RHSA-2021:0221-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2021:0221\nIssue date:        2021-01-26\nCVE Names:         CVE-2021-3156\n====================================================================\n1. Summary:\n\nAn update for sudo is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. Description:\n\nThe sudo packages contain the sudo utility which allows system\nadministrators to provide certain users with the permission to execute\nprivileged commands, which are used for system management purposes, without\nhaving to log in as root. \n\nSecurity Fix(es):\n\n* sudo: Heap buffer overflow in argument parsing (CVE-2021-3156)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nsudo-1.8.23-10.el7_9.1.src.rpm\n\nx86_64:\nsudo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nx86_64:\nsudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-devel-1.8.23-10.el7_9.1.i686.rpm\nsudo-devel-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nsudo-1.8.23-10.el7_9.1.src.rpm\n\nx86_64:\nsudo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nx86_64:\nsudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-devel-1.8.23-10.el7_9.1.i686.rpm\nsudo-devel-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nsudo-1.8.23-10.el7_9.1.src.rpm\n\nppc64:\nsudo-1.8.23-10.el7_9.1.ppc64.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.ppc64.rpm\n\nppc64le:\nsudo-1.8.23-10.el7_9.1.ppc64le.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.ppc64le.rpm\n\ns390x:\nsudo-1.8.23-10.el7_9.1.s390x.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.s390x.rpm\n\nx86_64:\nsudo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nsudo-debuginfo-1.8.23-10.el7_9.1.ppc.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.ppc64.rpm\nsudo-devel-1.8.23-10.el7_9.1.ppc.rpm\nsudo-devel-1.8.23-10.el7_9.1.ppc64.rpm\n\nppc64le:\nsudo-debuginfo-1.8.23-10.el7_9.1.ppc64le.rpm\nsudo-devel-1.8.23-10.el7_9.1.ppc64le.rpm\n\ns390x:\nsudo-debuginfo-1.8.23-10.el7_9.1.s390.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.s390x.rpm\nsudo-devel-1.8.23-10.el7_9.1.s390.rpm\nsudo-devel-1.8.23-10.el7_9.1.s390x.rpm\n\nx86_64:\nsudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-devel-1.8.23-10.el7_9.1.i686.rpm\nsudo-devel-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nsudo-1.8.23-10.el7_9.1.src.rpm\n\nx86_64:\nsudo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nsudo-debuginfo-1.8.23-10.el7_9.1.i686.rpm\nsudo-debuginfo-1.8.23-10.el7_9.1.x86_64.rpm\nsudo-devel-1.8.23-10.el7_9.1.i686.rpm\nsudo-devel-1.8.23-10.el7_9.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2021-3156\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://access.redhat.com/security/vulnerabilities/RHSB-2021-002\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2021 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBYBB9QtzjgjWX9erEAQjMkQ/+PUDUX16Tnzqt7l1CsDAkHsT89EyY1keR\n5XAlnrEv0nfw+/Feb2zhjlAlGbZSE1pTHOB4WarZzz2edZW5PRDw2SnljPToGoF2\n6e4rlxRMJzFzc1WiOl5VgIq2LsOrqE1x3smwx7UGloMNmld/wgNKzFyddlR3ya0/\nk78GAgUD2K/riILpeSG9M3jkK6IX/ecAOV8cK4GnmVAyrc/I0ud+wp+AFaQdKOUd\nDJ08C4ktxCEDZnCMV7X0fheoVB08T2VUPqM3AT0mP8Q07RWElFNAYYzS0/0ABGdd\nG/bRXDOiP0Qp92gMjWi4zu8JJk1Yyt8vnXII30gr2dd4f/8O0X6N+fntkhpc86N0\nmdXrPNBDXC6YJqahqtTH3ZMNWj37kSX5O0QIxRMMySIuPEhLdkF0A4CBGcP1qpaN\nBQf/nNAvYlkz70QTL91JkUL98X0Ih+O6IAPxT//C90VXwXTb2+XmBBYjA24/gHJn\nkpv9ZzJfeCSCVoa019u3r/8pkMIfiN69GpO2FQTJCP4MbIJPHeANp2lYEA+KHPqE\nXJvy0qh3YEs741KxKwzbaMgOTrYsoMvKhVeJZm0t5bpU5Y5TTF9fCVan8uJ8ke6d\nbuQej1iyBUvPq+gMQvJhwiP1Q2rvgxPmHP+L3Awo9tTqm6b7WsqdRq5K+B025v+d\nNdZXKIPEQVY=7/vM\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. These packages include redhat-release-virtualization-host. \nRHVH features a Cockpit user interface for monitoring the host\u0027s resources\nand performing administrative tasks. \n\nBug Fix(es):\n\n* When performing an upgrade of the Red Hat Virtualization Host using the\ncommand `yum update`, the yum repository for RHV 4.3 EUS is unreachable\n\nAs a workaround, run the following command:\n`# yum update --releasever=7Server` (BZ#1899378)\n\n4. Bugs fixed (https://bugzilla.redhat.com/):\n\n1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker\n1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker\n1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker\n1899378 - rhel-7-server-rhvh-4.3-eus-rpms repo is unavailable\n1916111 - Rebase RHV-H 4.3 EUS on RHEL 7.9.z #3\n1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing\n\n6. ==========================================================================\nUbuntu Security Notice USN-4705-2\nJanuary 27, 2021\n\nsudo vulnerability\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 14.04 ESM\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Sudo. This update provides\nthe corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. \n\nOriginal advisory details:\n\n It was discovered that Sudo incorrectly handled memory when parsing command\n lines. A local attacker could possibly use this issue to obtain unintended\n access to the administrator account. (CVE-2021-3156)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 14.04 ESM:\n  sudo                            1.8.9p5-1ubuntu1.5+esm6\n\nUbuntu 12.04 ESM:\n  sudo                            1.8.3p1-1ubuntu3.10\n\nIn general, a standard system update will make all the necessary changes. 8) - aarch64, ppc64le, s390x, x86_64\n\n3",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          },
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "db": "PACKETSTORM",
            "id": "161163"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          }
        ],
        "trust": 1.53
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-383931",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2021-3156",
            "trust": 1.7
          },
          {
            "db": "PACKETSTORM",
            "id": "161230",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161160",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161270",
            "trust": 1.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161293",
            "trust": 1.1
          },
          {
            "db": "MCAFEE",
            "id": "SB10348",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2021/01/27/2",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2021/01/26/3",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2021/02/15/1",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2021/01/27/1",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2021/09/14/2",
            "trust": 1.1
          },
          {
            "db": "CERT/CC",
            "id": "VU#794544",
            "trust": 1.1
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2024/01/30/8",
            "trust": 1.0
          },
          {
            "db": "OPENWALL",
            "id": "OSS-SECURITY/2024/01/30/6",
            "trust": 1.0
          },
          {
            "db": "PACKETSTORM",
            "id": "176932",
            "trust": 1.0
          },
          {
            "db": "PACKETSTORM",
            "id": "161163",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161143",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161138",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161272",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161139",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "161141",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161152",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161144",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161140",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161142",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161398",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161136",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161135",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161281",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161137",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "161145",
            "trust": 0.1
          },
          {
            "db": "SEEBUG",
            "id": "SSVID-99117",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-383931",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "162142",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "db": "PACKETSTORM",
            "id": "161163"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "id": "VAR-202101-1926",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T20:13:02.874000Z",
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-193",
            "trust": 1.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.2,
            "url": "http://www.openwall.com/lists/oss-security/2021/01/26/3"
          },
          {
            "trust": 1.1,
            "url": "https://www.kb.cert.org/vuls/id/794544"
          },
          {
            "trust": 1.1,
            "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-sudo-privesc-jan2021-qnyqfcm"
          },
          {
            "trust": 1.1,
            "url": "https://security.netapp.com/advisory/ntap-20210128-0001/"
          },
          {
            "trust": 1.1,
            "url": "https://security.netapp.com/advisory/ntap-20210128-0002/"
          },
          {
            "trust": 1.1,
            "url": "https://support.apple.com/kb/ht212177"
          },
          {
            "trust": 1.1,
            "url": "https://www.sudo.ws/stable.html#1.9.5p2"
          },
          {
            "trust": 1.1,
            "url": "https://www.synology.com/security/advisory/synology_sa_21_02"
          },
          {
            "trust": 1.1,
            "url": "https://www.debian.org/security/2021/dsa-4839"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2021/jan/79"
          },
          {
            "trust": 1.1,
            "url": "http://seclists.org/fulldisclosure/2021/feb/42"
          },
          {
            "trust": 1.1,
            "url": "https://security.gentoo.org/glsa/202101-33"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/161160/sudo-heap-based-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/161230/sudo-buffer-overflow-privilege-escalation.html"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/161270/sudo-1.9.5p1-buffer-overflow-privilege-escalation.html"
          },
          {
            "trust": 1.1,
            "url": "http://packetstormsecurity.com/files/161293/sudo-1.8.31p2-1.9.5p1-buffer-overflow.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.beyondtrust.com/blog/entry/security-advisory-privilege-management-for-unix-linux-pmul-basic-and-privilege-management-for-mac-pmm-affected-by-sudo-vulnerability"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "trust": 1.1,
            "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
          },
          {
            "trust": 1.1,
            "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00022.html"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2021/01/27/1"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2021/01/27/2"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2021/02/15/1"
          },
          {
            "trust": 1.1,
            "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"
          },
          {
            "trust": 1.0,
            "url": "http://packetstormsecurity.com/files/176932/glibc-syslog-heap-based-buffer-overflow.html"
          },
          {
            "trust": 1.0,
            "url": "http://seclists.org/fulldisclosure/2024/feb/3"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2024/01/30/6"
          },
          {
            "trust": 1.0,
            "url": "http://www.openwall.com/lists/oss-security/2024/01/30/8"
          },
          {
            "trust": 1.0,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10348"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
          },
          {
            "trust": 1.0,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/cve/cve-2021-3156"
          },
          {
            "trust": 0.5,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2021-3156"
          },
          {
            "trust": 0.5,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.4,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-002"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.4,
            "url": "https://access.redhat.com/security/updates/classification/#important"
          },
          {
            "trust": 0.1,
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10348"
          },
          {
            "trust": 0.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/lhxk6ico5aylgfk2tax5mzkuxtukwojy/"
          },
          {
            "trust": 0.1,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/cala5ftxiqbrryua2zqnjxb6oqmaxeii/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:0225"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17006"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-20907"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:1079"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5188"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-12749"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-8625"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2017-12652"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12401"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12402"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-1971"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14866"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-15999"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2021-20228"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-7595"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2018-20843"
          },
          {
            "trust": 0.1,
            "url": "https://listman.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-17006"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17546"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20388"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12401"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-14973"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-17546"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-17023"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17023"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12243"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-12749"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-6829"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14866"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-8177"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12403"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12652"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12400"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-20388"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2021-3447"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-19956"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11756"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11756"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12243"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12400"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-5313"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2021-20191"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-11727"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-1971"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11719"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-5094"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2021-20180"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11727"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-12403"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-5188"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-15903"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-15999"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-5094"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-15903"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-14973"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-19956"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-5313"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2019-17498"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-14422"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-17498"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-20907"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2021-20178"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-14422"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2018-20843"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-12402"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:0221"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/2974891"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25686"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-25685"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25684"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25685"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/vulnerabilities/rhsb-2021-001"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-25686"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/cve/cve-2020-25684"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:0395"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4705-2"
          },
          {
            "trust": 0.1,
            "url": "https://usn.ubuntu.com/4705-1"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/errata/rhsa-2021:0218"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "db": "PACKETSTORM",
            "id": "161163"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "db": "PACKETSTORM",
            "id": "161163"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          },
          {
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2021-01-26T00:00:00",
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "date": "2021-01-27T14:06:12",
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "date": "2021-04-09T15:06:13",
            "db": "PACKETSTORM",
            "id": "162142"
          },
          {
            "date": "2021-01-27T14:06:46",
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "date": "2021-02-03T16:22:29",
            "db": "PACKETSTORM",
            "id": "161272"
          },
          {
            "date": "2021-01-28T13:59:34",
            "db": "PACKETSTORM",
            "id": "161163"
          },
          {
            "date": "2021-01-27T14:06:02",
            "db": "PACKETSTORM",
            "id": "161138"
          },
          {
            "date": "2021-01-26T21:15:12.987000",
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-09-03T00:00:00",
            "db": "VULHUB",
            "id": "VHN-383931"
          },
          {
            "date": "2024-07-09T18:27:53.967000",
            "db": "NVD",
            "id": "CVE-2021-3156"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "161163"
          }
        ],
        "trust": 0.1
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Red Hat Security Advisory 2021-0225-01",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "161139"
          }
        ],
        "trust": 0.1
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "overflow, root",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "161139"
          },
          {
            "db": "PACKETSTORM",
            "id": "161143"
          },
          {
            "db": "PACKETSTORM",
            "id": "161138"
          }
        ],
        "trust": 0.3
      }
    }