Critical Vulnerability in Beyond Trust Remote Support and Privileged Remote Access products

Executive Summary

On February 4, 2025, Beyond Trust reported in their Customer Portal that a critical vulnerability was discovered affecting the Remote Support (RS) and Privileged Remote Access (PRA) products. At time of writing, there was no CVE assigned and no public information on the vulnerability, but it is being tracked by the vendor as BT26-02. Beyond Trust published more information for customers in a non-public Knowledge Article.

The Remote Support and Privileged Remote Access products facilitate remote access to a wide range of end point types, and these products are typically deployed internet facing by design. As such, a breach of these products can give threat actors not only initial access into an organizations network, but immediate control of internal hosts. At time of writing, there is no evidence of this vulnerability being exploited in the wild, nor are any public proof-of-concept (PoC) exploits available. However, given the urgency communicated by the vendor and the high risk of this type of product being compromised, organizations are urged to update their affected systems as soon as possible.

Affected Systems and Products

Software	Affected Versions	Fixed Versions
Remote Support (RS)	25.3.1 and prior	25.3.2
Privileged Remote Access (PRA)	24.3.4 and prior	24.3.5

Patches

For SaaS deployments of Remote Support and Privileged Remote Access, patch BT26-02-RS or BT26-02-PRA has automatically been applied. Customers using hosted or managed versions of these products should already be covered but should also check their servers to verify.

For On Prem Patch BT26-02-RS and BT26-02-PRA have been released to mitigate this vulnerability. Further details can be found within the Knowledge Article Portal.

How Beazley Security is Responding

Beazley Security is monitoring client perimeter devices through our Exposure Management Platform to identify impacted devices and support organizations in remediation of any issues found.

We are also conducting threat hunts across our MDR environment to detect potential exploitation attempts against our clients.

If you believe your organization may have been impacted by this attack campaign and need support, please contact our Incident Response team.

Sources

‍https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293

Download PDF

Aware of an incident impacting your industry? Let us know:

Report an incident

Prepare

Implement

Defend

Respond

Manage Risk

Beazley Insured

Featured Industries

Enabling readiness and resilience from pre-breach to remediation.

Bringing extensive experience to every engagement.

Nice to meet you. Find out more about our company here.

The latest insights and advisories from our team