RCE in BeyondTrust Remote Support & Privileged Access

CVE-2025-5309

The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to Server-Side Template Injection, which can lead to remote code execution.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.013 (79.9th percentile)

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2025-5309?
CVE-2025-5309 is a vulnerability in BeyondTrust Remote Support & Privileged Access, classified under Code Injection. Published 2025-06-16.

Is CVE-2025-5309 known to be exploited?
3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.