Critical pre-auth RCE in BeyondTrust remote-support tools prompts urgent patch

February 9, 2026 at 09:45 PM

•

1 min read

Critical pre-auth RCE in BeyondTrust remote-support tools prompts urgent patch — Photo: BleepingComputer

TL;DR Summary

BeyondTrust warns of CVE-2026-1731, a pre-auth remote code execution flaw in Remote Support (RS) 25.3.1 and Privileged Remote Access (PRA) 24.3.4 and earlier, allowing unauthenticated attackers to run OS commands; patches are available by upgrading to RS 25.3.2+ and PRA 25.1.1+ (or enabling automatic updates). Cloud systems have been secured; about 11,000 instances are exposed online, with roughly 8,500 on-premises potentially vulnerable if not patched; no active exploitation is reported yet.

Topics:business #enterprise-security #patch-management #remote-code-execution #security #technology #vulnerability

Share this article

BeyondTrust warns of critical RCE flaw in remote support software BleepingComputer
BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA The Hacker News
CVE-2026-1731 Arctic Wolf
BeyondTrust's Pre-Authentication RCE Flaw Exposes the Fragile Underbelly of Privileged Access Management WebProNews
BeyondTrust Remote Support has a critical vulnerability Techzine Global

Reading Insights

Total Reads

Unique Readers

Time Saved

4 min

vs 4 min read

Condensed

91%

792 → 71 words

Want the full story? Read the original article

Read on BleepingComputer

JavaScript Required

tl;dr daily news requires JavaScript to be enabled. Please enable JavaScript in your browser settings.

Related Sources

Reading Insights