Jorren Geurts

**Name of the Vulnerable Software and Affected Versions** BeyondTrust Remote Support and Privileged Remote Access (affected versions not specified) **Description** The chat feature within Remote Support and Privileged Remote Access is vulnerable to a Server-Side Template Injection vulnerability, which can lead to remote code execution. This issue has been exploited by Chinese-backed hackers targeting U.S. agencies. It is estimated that over 1.2 million services are potentially affected. The vulnerability allows unauthenticated attackers to execute code remotely via a Server-Side Template Injection flaw in the chat feature. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.