Ethical Hacking News
BeyondTrust has patched a critical pre-auth bug that could allow remote code execution, affecting Remote Support and Privileged Remote Access versions. Organizations must update their systems immediately to prevent potential system compromise, data theft, and service disruption. Stay informed about the latest software updates and vulnerabilities to safeguard your operations.
BeyondTrust has issued a critical security update to address a pre-authentication remote code execution vulnerability in its Remote Support and older Privileged Remote Access products. The vulnerability, tracked as CVE-2026-1731 (CVSS score of 9.9), is considered one of the most severe exploits discovered in recent times, allowing for remote execution of operating system commands without authentication. Organizations using BeyondTrust Remote Support and older Privileged Remote Access versions are advised to update their systems immediately due to the potential severity of exploitation. The vulnerability affects Remote Support versions 25.3.1 and prior, as well as older versions of Privileged Remote Access with a patch version less than 25.1.1. BeyondTrust has taken proactive steps to protect its SaaS customers by automatically deploying the fix to cloud environments on February 2, 2026. Around 11,000 BeyondTrust Remote Support instances are exposed online across cloud and on-prem environments, with approximately 8,500 on-prem systems potentially vulnerable if not patched. Security experts stress the importance of addressing this vulnerability as soon as possible due to the straightforward nature of exploitation and its potential severe consequences for organizations that fail to patch their systems on time.
BeyondTrust has recently issued a critical security update to address a pre-authentication remote code execution vulnerability in its Remote Support and older Privileged Remote Access products. This vulnerability, tracked as CVE-2026-1731 (CVSS score of 9.9), is considered one of the most severe exploits discovered in recent times. The bug can be exploited remotely by an unauthenticated attacker to execute operating system commands without any form of authentication or user interaction.
The vulnerability was first disclosed on February 6, 2026, and its impact has been deemed critical by security experts. It's essential for organizations that use BeyondTrust Remote Support and older Privileged Remote Access versions to update their systems immediately. This is due to the potential severity of exploitation, which could result in full system compromise, data theft, and service disruption.
According to BeyondTrust, the vulnerability affects Remote Support versions 25.3.1 and prior, as well as older versions of Privileged Remote Access with a patch version less than 25.1.1. The latest fixed software versions are BT26-02-RS for Remote Support (version 25.3.2 and later) and BT26-02-PRA for Privileged Remote Access (version 25.1.1 and later).
BeyondTrust has taken proactive steps to protect its SaaS customers, as the fix was automatically deployed to all Remote Support and Privileged Remote Access cloud environments on February 2, 2026. However, self-hosted deployments need manual installation of the patch if automatic updates are not enabled. In particular, systems running older versions must first upgrade to a supported release before applying the fix.
Hacktron AI team reported that roughly 11,000 BeyondTrust Remote Support instances are exposed online across cloud and on-prem environments. Around 8,500 of these are on-prem systems and could remain vulnerable if not patched. The affected deployments primarily serve large organizations across various sectors, including healthcare, financial services, government, and hospitality.
In light of this discovery, security experts stress the importance of addressing this vulnerability as soon as possible, as exploitation is straightforward and can have severe consequences for organizations that fail to patch their systems on time. This critical update serves as a stark reminder of the potential risks associated with software vulnerabilities and the need for prompt action when such issues are discovered.
The recent disclosure of this pre-auth bug highlights the importance of continuous monitoring and proactive measures in safeguarding against emerging security threats. BeyondTrust's swift response to address this issue demonstrates its commitment to providing robust security solutions that protect users from the most severe exploits.
In conclusion, the patching of this critical vulnerability underscores the need for organizations to prioritize their cybersecurity posture by staying informed about the latest software updates and vulnerabilities. By doing so, they can significantly reduce the risk of exploitation and ensure a safer digital environment for their operations.
Related Information:
https://www.ethicalhackingnews.com/articles/BeyondTrust-Patches-Critical-Pre-Auth-Bug-Allowing-Remote-Code-Execution-ehn.shtml
https://securityaffairs.com/187776/security/beyondtrust-fixes-critical-pre-auth-bug-allowing-remote-code-execution.html
https://thehackernews.com/2026/02/beyondtrust-fixes-critical-pre-auth-rce.html
https://nvd.nist.gov/vuln/detail/CVE-2026-1731
https://www.cvedetails.com/cve/CVE-2026-1731/
Published: Mon Feb 9 16:47:50 2026 by llama3.2 3B Q4_K_M
