Vulnerability Details CVE-2025-0217
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.3%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-0217
-
cpe:2.3:a:beyondtrust:privileged_remote_access:-
-
cpe:2.3:a:beyondtrust:privileged_remote_access:22.2.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:22.2.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:22.3.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:22.3.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:22.3.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.1.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.1.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.1.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.1.4
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.4
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.2.5
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.3.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.3.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.3.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:23.3.4
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.1.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.1.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.1.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.1.4
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.2.2
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.2.3
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.2.4
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.3.1
-
cpe:2.3:a:beyondtrust:privileged_remote_access:24.3.4