CVE-2025-0217

Name of the Vulnerable Software and Affected Versions BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1

Description A local authentication bypass issue affects BeyondTrust Privileged Remote Access (PRA). This allows a local authenticated attacker to view the connection details of a ShellJump session initiated with external tools, enabling unauthorized access to connected sessions.

Recommendations For versions prior to 25.1, update to version 25.1 or later to resolve the issue. As a temporary workaround, consider restricting access to ShellJump sessions initiated with external tools until the update is applied.