CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

BeyondTrust Patches Critical RCE Vulnerability

Affecting both RS and PRA, the bug can be exploited remotely via crafted requests without authentication. The post BeyondTrust Patches Critical RCE Vulnerability appeared first on SecurityWeek.

BeyondTrust vulnerability

BeyondTrust has rolled out patches for a critical-severity vulnerability in Remote Support (RS) and Privileged Remote Access (PRA) that could lead to unauthenticated remote code execution (RCE).

Tracked as CVE-2026-1731 (CVSS score of 9.9), the issue can be exploited via specially crafted requests to execute operating system commands as the site user.

“Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption,” BeyondTrust notes in its advisory.

The security defect impacts RS versions 25.3.1 and prior, and PRA versions 24.3.4 and prior, and was addressed in RS version 25.3.2 and PRA version 25.1.1.

Hacktron AI, which identified and reported the flaw, estimates that roughly 8,500 on-premises RS deployments accessible from the internet are likely affected by the bug.

BeyondTrust’s RS product, it notes, is mainly used across large enterprises and by organizations in the healthcare, financial services, government, and hospitality sectors.

“Given that BeyondTrust Remote Support and Privileged Remote Access are widely deployed in enterprise environments for remote access and privileged session management, the potential blast radius of this vulnerability is significant,” Hacktron AI says.

While there have been no reports of CVE-2026-1731 being exploited in the wild, Rapid7 points out that state-sponsored threat actors have targeted vulnerable BeyondTrust products in the past.

The China-linked APT Silk Typhoon is known to have exploited vulnerabilities such as CVE-2024-12356 and CVE-2024-12686, as well as zero-day flaws in attacks targeting US government entities.

“Given this history of targeted attacks against such a widely used platform, these tools remain a critical attack vector that demands immediate defensive action,” Rapid7 notes.

Related: Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Related: SmarterTools Hit by Ransomware via Vulnerability in Its Own Product

Related: Organizations Urged to Replace Discontinued Edge Devices

Related: Critical N8n Sandbox Escape Could Lead to Server Compromise

Latest News

CYBERNEWSMEDIAPublisher