CVE-2025-0217: 
BeyondTrust Privileged Remote Access Client vulnerability analysis and mitigation

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 contain a local authentication bypass vulnerability, identified as CVE-2025-0217. The vulnerability was discovered by Paul Szabo of the University of Sydney and was publicly disclosed on May 5, 2025. This security flaw affects the ShellJump session functionality within the PRA solution (SecurityOnline, NVD).

The vulnerability is classified with CWE-287 (Improper Authentication) and has received a CVSS v4.0 base score of 7.3 (HIGH). The CVSS vector string is CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H, indicating local access requirements and high potential impact across various security metrics (NVD).

The vulnerability enables local authenticated attackers to view connection details of ShellJump sessions that were initiated with external tools, potentially leading to unauthorized access to connected sessions. This could result in session hijacking and unauthorized control over critical systems and data (SecurityOnline).

BeyondTrust has released version 25.1 as a fix for this vulnerability. Organizations using affected versions of PRA are strongly advised to upgrade to version 25.1 or later immediately to mitigate the risk (SecurityOnline).