Impacted Product: Remote Support and Privileged Remote Access
Summary
The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to Server-Side Template Injection, which can lead to remote code execution.
Details
Remote Support and Privileged Remote Access components do not properly escape input intended for the template engine, leading to a potential template injection vulnerability. This flaw may allow an attacker to execute arbitrary code in the context of the server. Notably, in the case of Remote Support, exploitation does not require authentication.
Mitigation
A patch that remediates this vulnerability has been applied to all RS/PRA cloud customers as of June 16, 2025.
On-premise customers of RS/PRA should apply the patch if their instance is not subscribed to automatic updates in their /appliance interface.
Remote Support
If the patch cannot be applied, the following options for the Public Site can help mitigate exploitation of this vulnerability:
- Enable SAML authentication for the Public Portal
- Enforce session key usage by:
  - Ensuring Session Keys are enabled
  - Disabling the Representative List
  - Disabling the Issue Submission Survey
Privileged Remote Access
If you are on an affected version, apply the appropriate patch.