BeyondTrust Flaw: Critical Vulnerability Exposes Systems
10 Feb
Summary
- Critical flaw in BeyondTrust Remote Support allows command execution.
- Nearly 11,000 internet-exposed instances may be vulnerable.
- Patch released February 2, 2026; no exploitation in the wild found.

BeyondTrust has alerted customers to a critical vulnerability impacting its Remote Support (RS) and certain older Privileged Remote Access (PRA) products. The flaw, identified as CVE-2026-1731, carries a severity score of 9.9 out of 10 and enables remote code execution. This weakness allows attackers to run operating system commands with the privileges of the site user without requiring any authentication or user interaction.
The vulnerability affects Remote Support versions 25.3.1 and earlier, and Privileged Remote Access versions 24.3.4 and earlier. BeyondTrust released a patch for this issue on February 2, 2026, and urged customers to apply it promptly, especially those managing self-hosted instances not set for automatic updates.
Harsh Jaiswal and the Hacktron AI team discovered the flaw, estimating that around 11,000 internet-exposed instances are at risk. Of these, approximately 8,500 are on-premises deployments that could remain vulnerable if the patch is not applied. Despite the critical nature of the vulnerability, BeyondTrust stated it has found no evidence of the flaw being exploited in the wild.
Customers running outdated versions of Remote Support older than 21.3 or Privileged Remote Access older than 22.1 are advised to upgrade to newer versions. BeyondTrust also suggests that self-hosted PRA customers may upgrade to version 25.1.1 or later to ensure better security against such threats.




