A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled
| Vendor | Product | Versions |
|---|---|---|
| BeyondTrust | Remote Support | 0, 0, 0, 0 |
Downstream vendors/products affected by this vulnerability
| Vendor | Product | Source | Confidence |
|---|---|---|---|
| beyondtrust | privileged remote access | mitre_affected | 90% |
Updated affected versions to include 25.3.2 and 26.2.0, changed severity to CRITICAL, and noted that no exploit exists.
Initial creation