BeyondTrust has issued a critical warning to its customers regarding a security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software. This vulnerability, tracked as CVE-2026-1731, allows unauthenticated attackers to execute arbitrary code remotely, potentially leading to system compromise. The issue stems from an OS command injection weakness discovered by Harsh Jaiswal and the Hacktron AI team, affecting specific versions of BeyondTrust's software, based on information published by Bleeping Computer.The vulnerability, CVE-2026-1731, is a pre-authentication remote code execution flaw that can be exploited through low-complexity attacks requiring no user interaction. Attackers can craft malicious client requests to inject OS commands, executing them in the context of the site user. Successful exploitation could result in unauthorized access, data exfiltration, and service disruption. BeyondTrust has secured its cloud systems and urges on-premises customers to manually patch by upgrading to newer versions. Approximately 11,000 internet-exposed instances, including about 8,500 on-premises deployments, are potentially vulnerable if patches are not applied.This incident highlights the persistent threat of critical vulnerabilities in widely used remote access and support tools. BeyondTrust software has historically been targeted by sophisticated actors, including state-sponsored groups like Silk Typhoon.Source: Bleeping Computer
Vulnerability Management, Patch/Configuration Management
Critical vulnerability in BeyondTrust software requires urgent patching

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



