{"id":211792,"date":"2026-02-09T08:07:00","date_gmt":"2026-02-09T13:07:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/"},"modified":"2026-02-09T19:50:13","modified_gmt":"2026-02-10T00:50:13","slug":"beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/","title":{"rendered":"BeyondTrust warns of critical RCE flaw in remote support software"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/\">BeyondTrust warns of critical RCE flaw in remote support software<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-09 08:07:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary code remotely.<\/p>\n<p>Tracked as CVE-2026-1731, this pre-authentication remote code execution vulnerability stems\u00a0from an OS command injection weakness discovered by Harsh Jaiswal and the Hacktron AI team, and it affects BeyondTrust Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier.<\/p>\n<p>Threat actors with no privileges can exploit it through\u00a0maliciously crafted client requests in low-complexity attacks that don&#8217;t require user interaction.<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/GitLab-970x250.png\" alt=\"Wiz\" style=\"margin-top: 0px;\"\/><\/p>\n<p>&#8220;Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user,&#8221; BeyondTrust noted. &#8220;Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.&#8221;<\/p>\n<p>BeyondTrust has secured all RS\/PRA cloud systems by February 2, 2026, and has advised all on-premises customers to patch their systems manually by upgrading to Remote Support 25.3.2 or later and Privileged Remote Access 25.1.1 or later, if they haven&#8217;t enabled automatic updates.<\/p>\n<p>&#8220;Approximately 11,000 instances are exposed to the internet including both cloud and on-prem deployments,&#8221; the\u00a0Hacktron team warned in a Friday report. &#8220;About ~8,500 of those are on-prem deployments which remain potentially vulnerable if patches aren\u2019t applied.&#8221;<\/p>\n<p>In June 2025, BeyondTrust fixed\u00a0a high-severity RS\/PRA Server-Side Template Injection vulnerability that could also allow unauthenticated attackers to gain remote code execution.<\/p>\n<p>After publishing this story, BeyondTrust told BleepingComputer that there is no known active exploitation of CVE-2026-1731 at this time.<\/p>\n<h2>Previous BeyondTrust flaws targeted as zero-days<\/h2>\n<p>While BeyondTrust says the CVE-2026-1731&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>BeyondTrust warns of critical RCE flaw in remote support software https:\/\/www.bleepingcomputer.com\/news\/security\/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software\/ Publish Date: 2026-02-09 08:07:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":211793,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/02\/09\/BeyondTrust.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,31,27],"class_list":["post-211792","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211792"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=211792"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211792\/revisions"}],"predecessor-version":[{"id":211794,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211792\/revisions\/211794"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/211793"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=211792"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=211792"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=211792"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}