DocumentationRelease Notes
Log In
Release Notes
Back to All

BeyondTrust Discovery Agent 25.1.0.1704 release notes

5 days ago

June 3, 2025

ℹ️

This release is available by download from the BeyondTrust Client Portal.

🆕 New features

Retry option for RPC service

You can now use Retry to see if your RPC service is running when you're executing a BTDiscovery.cmd client command.

Runtime option in the port scan

Use the new runtime option to allow for additional ports in your port scan.

✨ Enhancements

With this release, we've added the following enhancements to the BeyondTrust Discovery Agent:

  • support for reporting Windows Server 2025
  • multiple SSH channels are enabled (for Posix targets only)
  • improved scanning credential selection by eliminating credentials that don't apply to the target
  • improved performance by moving DCOM Enumeration to the remote agent extension
  • support for Check Point network devices
  • improved scan results by not enumerating Domain Users in groups when the job setting for EnumerateDomainUsers is disabled

🛠️ Issues resolved

  • Resolved a remote command timeout issue by sending the command timeout to the remote agent when starting a new session.
  • Resolved a bug when using SUDO elevation when the "-k" option is not supported.
  • Resolved a parsing bug which caused Linux Scheduled Task enumeration to fail.
  • Resolved the password expired value so that it reports "not expired" when no data is found.
  • Resolved the IPv6 connection strings for Oracle, MongoDB, Terradata, and MySQL
  • Resolved a bug in the handling of MySQL data which resulted in a failure in event processing.
  • Resolved bug where the debug log level was not working for the Remote Agent service.
  • Resolved false positive on SSH and MongoDB credential access which was incorrectly reporting the credential access succeeded.
  • Resolved a condition in which a nonexistent MSSQL instance was reported.
  • Resolved a bug in which the SSH connection timeout runtime option was not being used causing early timeouts.
  • Resolved a bug where targets were incorrectly identified as DCs.

📝 Requirements

  • There is a product dependency on having the .NET 8 Hosting package installed.
  • OAuth authorization is dependent on having BI version 24.2.0.
  • The new Central Policy message to retrieve all scheduled scans is dependent on BI version 24.3.0 and later.
  • A reboot of the system may be required.
  • SSH Session encryption using the SHA1 cipher is deprecated. SHA256 or higher should be used.
  • Deprecate DSA encryption as an SSH authentication cipher.

⚙️ Signatures

  • The MD5 signature is 38b53b4d08f551dc05175921b5233f8d
  • The SHA-1 signature is 1a5fb5bdca31e87e66136b2294a8c79bea8eeb64
  • The SHA256 signature is 31d291cd493d097d0db2c04804407cf77da485025ae8695ef2b9162870cf40f0

⏰ Deprecation notice

Support for Windows 8 and Server 2012 as a scanner host is deprecated.

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.