83/69 Wednesday, February 11, 2026

BeyondTrust has released a security update to address a critical pre-authentication vulnerability, tracked as CVE-2026-1731, which carries a CVSS score of 9.9. The flaw affects certain versions of the company’s Remote Support and Privileged Remote Access (PRA) products, allowing unauthenticated attackers to send specially crafted requests that can execute operating system commands remotely. If successfully exploited, the vulnerability could lead to full system compromise, unauthorized data access, data leakage, and service disruption.
The vulnerability does not require login credentials or user interaction. Executed commands run with the privileges of the website user, significantly increasing the risk of complete system takeover. The issue was discovered and reported by Harsh Jaiswal and the Hacktron AI team. It is estimated that approximately 11,000 BeyondTrust Remote Support instances are exposed to the internet, with around 8,500 deployed on-premises and potentially at risk if not updated. The platform is commonly used by large organizations, including those in healthcare, finance, government, and service industries.
Affected versions include Remote Support 25.3.1 and earlier and Privileged Remote Access 24.3.4 and earlier. BeyondTrust has released patches to remediate the issue: Remote Support version 25.3.2 and later (Patch BT26-02-RS) and Privileged Remote Access version 25.1.1 and later (Patch BT26-02-PRA). SaaS customers have been automatically updated since February 2, 2026, while self-hosted deployments must be updated manually. The vendor strongly urges organizations to apply the patches as soon as possible, as the vulnerability is exploitable.
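The version ranges above can be turned into an inventory triage check. This is an added example, not BeyondTrust tooling: the host names, hosting labels and status names are constructed, and it deliberately reports "unknown" for versions that fall between the listed affected and fixed releases, since the advisory does not classify them.

```python
# Added example: triage an appliance inventory against the CVE-2026-1731
# version ranges quoted in the advisory text. Not vendor code.
RANGES = {  # product: (last affected, first fixed, patch id) as given on the page
    "Remote Support": ((25, 3, 1), (25, 3, 2), "BT26-02-RS"),
    "Privileged Remote Access": ((24, 3, 4), (25, 1, 1), "BT26-02-PRA"),
}

INVENTORY = [  # constructed sample rows: (host, product, version, hosting)
    ("rs-hq.example.internal", "Remote Support", "25.3.1", "self-hosted"),
    ("rs-lab.example.internal", "Remote Support", "25.3.2", "self-hosted"),
    ("pra-dc1.example.internal", "Privileged Remote Access", "24.3.4", "self-hosted"),
    ("pra-dc2.example.internal", "Privileged Remote Access", "25.1.0", "self-hosted"),
    ("pra-cloud.example.internal", "Privileged Remote Access", "24.3.1", "saas"),
]

def parse_version(text):
    """Turn '25.3.1' into (25, 3, 1); raise ValueError on anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)

def triage(product, version, hosting):
    """Return (status, note) for one appliance. Status labels are this example's own."""
    if product not in RANGES:
        return "out-of-scope", "product not named in the advisory"
    last_affected, first_fixed, patch = RANGES[product]
    if hosting == "saas":  # advisory: SaaS updated automatically since Feb 2, 2026
        return "vendor-patched", "SaaS instance; confirm the running version in the console"
    try:
        v = parse_version(version)
    except ValueError as exc:
        return "unknown", f"{exc}; read the version from the appliance"
    fixed = ".".join(map(str, first_fixed))
    if v >= first_fixed:
        return "fixed", f"at or above {fixed}"
    if v <= last_affected:
        return "vulnerable", f"remediate: {fixed} or later (Patch {patch})"
    return "unknown", "between listed affected and fixed versions; check the vendor advisory"

def report(inventory):
    """Map each host to its triage status."""
    return {host: triage(p, v, h)[0] for host, p, v, h in inventory}

if __name__ == "__main__":
    for host, product, version, hosting in INVENTORY:
        status, note = triage(product, version, hosting)
        print(f"{host:28} {version:8} {status:15} {note}")
```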
