Ethical Hacking News
BeyondTrust has issued a patch for a critical pre-authentication remote code execution vulnerability in its Remote Support (RS) and Privileged Remote Access (PRA) products, assigned CVE-2026-1731. This vulnerability allows an unauthenticated remote attacker to execute operating system commands in the context of the site user, resulting in unauthorized access, data exfiltration, and service disruption.
BeyondTrust identified and addressed a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) products, CVE-2026-1731. The vulnerability allows an unauthenticated remote attacker to execute operating system commands, resulting in unauthorized access, data exfiltration, and service disruption. Patches are available for affected versions of Remote Support and Privileged Remote Access. Self-hosted customers must manually apply the patch if not subscribed to automatic updates. Older versions of Remote Support (21.3) and Privileged Remote Access (22.1) need to be upgraded for patch application.
In a recent announcement, BeyondTrust, a leading provider of privileged access management solutions, revealed that it had identified and addressed a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) products. This vulnerability, assigned the CVE identifier CVE-2026-1731, is categorized as an operating system command injection and has been rated 9.9 on the Common Vulnerability Scoring System (CVSS) scoring system.
The vulnerability in question allows an unauthenticated remote attacker to execute operating system commands in the context of the site user, resulting in unauthorized access, data exfiltration, and service disruption. This means that if a malicious actor were to successfully exploit this vulnerability, they could potentially gain control over the affected systems, compromising sensitive information and disrupting critical operations.
The issue affects BeyondTrust's Remote Support versions 25.3.1 and prior, as well as certain older versions of Privileged Remote Access (PRA), which have been assigned CVE-2026-1731. Fortunately, BeyondTrust has released patches for these vulnerabilities, with the updated versions being Patch BT26-02-RS, 25.3.2 and later for Remote Support, and Patch BT26-02-PRA, 25.1.1 and later for Privileged Remote Access.
It is essential to note that self-hosted customers of Remote Support and Privileged Remote Access are urged to manually apply the patch if their instance is not subscribed to automatic updates. Additionally, those running a Remote Support version older than 21.3 or on Privileged Remote Access older than 22.1 are also required to upgrade to a newer version to apply this patch.
The vulnerability was discovered by security researcher and Hacktron AI co-founder Harsh Jaiswal through an artificial intelligence (AI)-enabled variant analysis, which revealed approximately 11,000 instances exposed to the internet. Of these, around 8,500 were on-prem deployments, which remain potentially vulnerable if patches aren't applied.
The discovery of this vulnerability serves as a stark reminder of the importance of ongoing security monitoring and patch management in preventing exploitation by malicious actors. As seen with this recent instance, even seemingly secure systems can be breached if vulnerabilities are not addressed promptly and effectively.
In light of this latest development, it is crucial that users update their BeyondTrust Remote Support and Privileged Remote Access products to the latest version as soon as possible for optimal protection against this critical vulnerability.
Related Information:
https://www.ethicalhackingnews.com/articles/Critical-Vulnerabilities-Swirl-BeyondTrust-Remote-Support-and-Privileged-Access-Management-Under-Siege-ehn.shtml
https://thehackernews.com/2026/02/beyondtrust-fixes-critical-pre-auth-rce.html
https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
https://nvd.nist.gov/vuln/detail/CVE-2026-1731
https://www.cvedetails.com/cve/CVE-2026-1731/
Published: Mon Feb 9 02:28:32 2026 by llama3.2 3B Q4_K_M
