{"id":214079,"date":"2026-02-16T07:33:00","date_gmt":"2026-02-16T12:33:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/16\/cisa-gives-feds-3-days-to-patch-actively-exploited-beyondtrust-flaw\/"},"modified":"2026-02-16T09:55:11","modified_gmt":"2026-02-16T14:55:11","slug":"cisa-gives-feds-3-days-to-patch-actively-exploited-beyondtrust-flaw","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/16\/cisa-gives-feds-3-days-to-patch-actively-exploited-beyondtrust-flaw\/","title":{"rendered":"CISA gives feds 3 days to patch actively exploited BeyondTrust flaw"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days\/\">CISA gives feds 3 days to patch actively exploited BeyondTrust flaw<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-16 07:33:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal\u00a0agencies on Friday\u00a0to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days.<\/p>\n<p>BeyondTrust provides identity security services to more than 20,000 customers across over 100 countries, including government agencies and 75% of Fortune 100 companies worldwide.<\/p>\n<p>Tracked as CVE-2026-1731, this remote code execution vulnerability\u00a0stems\u00a0from an OS command injection weakness <span style=\"box-sizing:border-box; margin:0px; padding:0px\">and\u00a0<\/span>affects BeyondTrust&#8217;s\u00a0Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier.<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/Securing-AI-Agents-970x250.png\" alt=\"Wiz\" style=\"margin-top: 0px;\"\/><\/p>\n<p>While\u00a0BeyondTrust patched all Remote Support and Privileged Remote Access SaaS instances on February 2, 2026, on-premise customers must install patches manually.<\/p>\n<p>&#8220;Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user,&#8221; BeyondTrust said\u00a0when it patched the vulnerability\u00a0on February 6. &#8220;Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.&#8221;<\/p>\n<p>Hacktron, who\u00a0discovered the vulnerability\u00a0and responsibly disclosed it to BeyondTrust on January 31, warned that approximately 11,000 BeyondTrust Remote Support instances were exposed online, around 8,500 of them being\u00a0on-premises deployments.<\/p>\n<p>On Thursday, six days after\u00a0BeyondTrust released CVE-2026-1731 security patches, watchTowr head of threat intelligence Ryan Dewhurst reported that attackers are now actively exploiting the security flaw,\u00a0warning admins that unpatched devices should be assumed to be compromised.<\/p>\n<h2>Federal agencies ordered to patch immediately<\/h2>\n<p>One day later, CISA confirmed\u00a0Dewhurst&#8217;s report,\u00a0<span style=\"box-sizing:border-box; margin:0px; padding:0px\">added\u00a0the vulnerability to its\u00a0Known Exploited Vulnerabilities (KEV) catalog,\u00a0and ordered<\/span>\u00a0Federal Civilian Executive Branch (FCEB) agencies to secure their&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA gives feds 3 days to patch actively exploited BeyondTrust flaw https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days\/ Publish Date: 2026-02-16&#8230;<\/p>\n","protected":false},"author":1,"featured_media":214080,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/02\/16\/BeyondTrust.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,27],"class_list":["post-214079","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214079"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=214079"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214079\/revisions"}],"predecessor-version":[{"id":214081,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/214079\/revisions\/214081"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/214080"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=214079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=214079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=214079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}