BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted req

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Affected Products

Vendor	Product	Versions
beyondtrust	privileged_remote_access	< 25.1, < 25.3.2

References

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293(Permissions Required)
https://www.beyondtrust.com/trust-center/security-advisories/bt26-02(Vendor Advisory)
https://github.com/win3zz/CVE-2026-1731(Exploit, Third Party Advisory)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731(US Government Resource)
https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731(Third Party Advisory)

Related News (1 articles)

Tier D

The Hacker News5h ago

China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware

→ No new info (linked only)

CVSS 3.19.8 CRITICAL

VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA KEV✅ Yes

Actively exploited✅ Yes

Patch available

25.125.3.2

CWECWE-78, CWE-20

PublishedFeb 6, 2026

Last enriched4h agov2

Trending Score98

Source articles1

Independent1

Info Completeness11/14

Missing: epss, iocs, mitre_attack

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted req

Description

Affected Products

References

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline

Version History