BeyondTrust Discovery Agent 25.1.0.1704 release notes
9 days ago
June 3, 2025
This release is available by download from the BeyondTrust Client Portal.
🆕 New features
Retry option for RPC service
You can now use Retry to see if your RPC service is running when you're executing a BTDiscovery.cmd client command.
Runtime option in the port scan
Use the new runtime option to allow for additional ports in your port scan.
✨ Enhancements
With this release, we've added the following enhancements to the BeyondTrust Discovery Agent:
- support for reporting Windows Server 2025
- multiple SSH channels are enabled (for Posix targets only)
- improved scanning credential selection by eliminating credentials that don't apply to the target
- improved performance by moving DCOM Enumeration to the remote agent extension
- support for Check Point network devices
- improved scan results by not enumerating Domain Users in groups when the job setting for EnumerateDomainUsers is disabled
🛠️ Issues resolved
| Description | Resolution |
|---|---|
| Remote command timeout issue | Resolved by sending the command timeout to the remote agent when starting a new session. |
| A bug occurs when using SUDO elevation when the "-k" option is not supported. | Resolved. Bug no longer occurs. |
| A parsing bug occurs which causes Linux Scheduled Task enumeration to fail. | Resolved. Bug no longer occurs. |
| Expired password issue when no data found. | When no data is found in the password expired value it reports "not expired". |
| Issue with IPv6 connection strings for Oracle, MongoDB, Terradata, and MySQL | Resolved. No longer issue with connections strings. |
| A bug occurs in the handling of MySQL data which results in a failure in event processing. | Resolved. Bug no longer occurs. |
| A bug occurs where the debug log level is not working for the Remote Agent service. | Resolved. Bug no longer occurs. |
| A false positive occurs on SSH and MongoDB credential access which is incorrectly reporting the credential access succeeded. | Resolved. False positive no longer occurs. |
| A condition occurs where a nonexistent MSSQL instance was reported. | Resolved. Condition no longer occurs. |
| A bug occurs when the SSH connection timeout runtime option is not being used, causing early timeouts. | Resolved. Early timeouts no longer occur. |
| A bug occurs where targets are incorrectly identified as DCs. | Resolved. Targets are no longer incorrectly identified. |
📝 Requirements
- There is a product dependency on having the .NET 8 Hosting package installed.
- OAuth authorization is dependent on having BI version 24.2.0.
- The new Central Policy message to retrieve all scheduled scans is dependent on BI version 24.3.0 and later.
- A reboot of the system may be required.
- SSH Session encryption using the SHA1 cipher is deprecated. SHA256 or higher should be used.
- Deprecate DSA encryption as an SSH authentication cipher.
⚙️ Signatures
- The MD5 signature is 38b53b4d08f551dc05175921b5233f8d
- The SHA-1 signature is 1a5fb5bdca31e87e66136b2294a8c79bea8eeb64
- The SHA256 signature is 31d291cd493d097d0db2c04804407cf77da485025ae8695ef2b9162870cf40f0
⏰ Deprecation notice
Support for Windows 8 and Server 2012 as a scanner host is deprecated.
