Vulnerability Management, Patch/Configuration Management

Critical vulnerability in BeyondTrust software requires urgent patching

(Adobe Stock)

BeyondTrust has issued a critical warning to its customers regarding a security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software. This vulnerability, tracked as CVE-2026-1731, allows unauthenticated attackers to execute arbitrary code remotely, potentially leading to system compromise. The issue stems from an OS command injection weakness discovered by Harsh Jaiswal and the Hacktron AI team, affecting specific versions of BeyondTrust's software, based on information published by Bleeping Computer.

The vulnerability, CVE-2026-1731, is a pre-authentication remote code execution flaw that can be exploited through low-complexity attacks requiring no user interaction. Attackers can craft malicious client requests to inject OS commands, executing them in the context of the site user. Successful exploitation could result in unauthorized access, data exfiltration, and service disruption. BeyondTrust has secured its cloud systems and urges on-premises customers to manually patch by upgrading to newer versions. Approximately 11,000 internet-exposed instances, including about 8,500 on-premises deployments, are potentially vulnerable if patches are not applied.

This incident highlights the persistent threat of critical vulnerabilities in widely used remote access and support tools. BeyondTrust software has historically been targeted by sophisticated actors, including state-sponsored groups like Silk Typhoon.

Source: Bleeping Computer

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds