CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Beyondtrust 2Privileged Remote Access Remote SupportFeb 17, 2026 Feb 6, 2026 9.9 CRITICAL· v4 9.8 CRITICAL· v3 N/A· v2 BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenti...Show more |
1Beyondtrust 2Privileged Remote Access Remote SupportAug 21, 2025 Jun 16, 2025 8.6 HIGH· v4 9.8 CRITICAL· v3 N/A· v2 The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution. |
1Beyondtrust 2Privileged Remote Access Remote SupportOct 24, 2025 Dec 18, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user. |
1Beyondtrust 2Privileged Remote Access Remote SupportOct 24, 2025 Dec 17, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user. |
1Beyondtrust 2Privileged Remote Access Remote SupportNov 21, 2024 Sep 5, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Successful exploitation of...Show more |
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions. |