BeyondTrust Warns of Critical Vulnerabilities in RS and PRA That Could Allow Authentication Bypass

Views: 31 views

372/69 Wednesday, July 8, 2026

BeyondTrust has warned administrators to urgently update its Remote Support (RS) and Privileged Remote Access (PRA) products after multiple Critical vulnerabilities were discovered that could allow unauthenticated attackers to bypass authentication and access affected appliances. The key vulnerabilities are CVE-2026-40138 and CVE-2026-40139, both of which are related to flaws in the authentication process.

Reports indicate that CVE-2026-40138 is caused by improper validation of authentication data in the authentication subsystem, which could allow attackers to bypass authentication and access affected appliances. Meanwhile, CVE-2026-40139 is related to improper processing of authentication requests in BeyondTrust Remote Support. Exploitation of both vulnerabilities requires certain authentication configuration settings to be enabled, but BeyondTrust has not disclosed further details.

In addition to the Critical vulnerabilities, BeyondTrust also fixed two High-severity vulnerabilities, CVE-2026-40140 and CVE-2026-40141, which could be exploited to cause service disruption or access resources that should be restricted on unpatched RS and PRA systems. Administrators using self-hosted deployments should install the April security rollup or upgrade to RS/PRA version 25.3.3 or later. They should also check whether their appliances are exposed to the internet, restrict access to only necessary networks, and monitor event logs related to authentication and abnormal system access.

Source: https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-flaws-in-remote-access-software/