Vulnerabilities > Beyondtrust

DATE CVE VULNERABILITY TITLE RISK
2024-12-17 CVE-2024-12356 Command Injection vulnerability in Beyondtrust Remote Support
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
network
low complexity
beyondtrust CWE-77
critical
9.8
2024-06-04 CVE-2024-4219 Server-Side Request Forgery (SSRF) vulnerability in Beyondtrust Beyondinsight 23.1
Prior to 23.2, it is possible to perform arbitrary Server-Side requests via HTTP-based connectors within BeyondInsight, resulting in a server-side request forgery vulnerability.
network
low complexity
beyondtrust CWE-918
critical
9.1
2024-06-04 CVE-2024-4220 Unspecified vulnerability in Beyondtrust Beyondinsight
Prior to 23.1, an information disclosure vulnerability exists within BeyondInsight which can allow an attacker to enumerate usernames.
network
low complexity
beyondtrust
5.3
2023-12-25 CVE-2023-49944 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory.
local
low complexity
beyondtrust
6.7
2023-12-12 CVE-2020-12614 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-12 CVE-2020-28369 Uncontrolled Search Path Element vulnerability in Beyondtrust Privilege Management for Windows
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
local
low complexity
beyondtrust CWE-427
7.8
2023-12-12 CVE-2020-12612 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-12 CVE-2020-12615 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-11 CVE-2021-3187 Unspecified vulnerability in Beyondtrust Privilege Management for mac
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7.
network
low complexity
beyondtrust
8.8
2023-12-11 CVE-2020-12613 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
network
low complexity
beyondtrust
8.8