BeyondTrust has issued security updates to fix a high-severity server-side template injection flaw affecting its Remote Support and Privileged Remote Access solutions, which could allow unauthenticated attackers to execute remote code. This vulnerability was used in recent cyberattacks, including a breach linked to Chinese state-backed hackers targeting U.S. government agencies.
Keypoints
- The vulnerability tracked as CVE-2025-5309 affects BeyondTrust's RS and PRA solutions.
- Exploitation allows attackers to execute arbitrary code remotely, sometimes without authentication.
- BeyondTrust patched all affected cloud systems by June 16, 2025, and recommends manual updates for on-premises systems.
- Recent attacks involved BeyondTrust zero-day bugs and a breach that compromised sensitive data for U.S. government agencies.
- The U.S. Treasury's network was targeted, allegedly by Chinese hackers linked to Silk Typhoon, exploiting BeyondTrust systems to access sensitive info.