#cve-2026-1731
#cve-2026-1731

Critical unauthenticated RCE (CVE-2026-1731, CVSS 9.9) affects BeyondTrust RS and PRA; patches are available and many internet-accessible on-prem deployments are likely exposed.

fromThe Hacker News

4 days ago

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company said in an advisory released February 6, 2026. "By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user." The vulnerability, categorized as an operating system command injection, has been assigned the CVE identifier CVE-2026-1731.

Information security

[ Load more ]

#cve-2026-1731#cve-2026-1731

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

BeyondTrust Patches Critical RCE Vulnerability

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

#cve-2026-1731
#cve-2026-1731