#cve-2026-1731 tag

Critical CVE-2026-1731 in BeyondTrust Remote Support/Privileged Remote Access permits OS command execution as the site user, enabling web shells, backdoors, and malware deployment.

Information security

fromSecurityWeek

3 weeks ago

BeyondTrust Patches Critical RCE Vulnerability

Critical unauthenticated RCE (CVE-2026-1731, CVSS 9.9) affects BeyondTrust RS and PRA; patches are available and many internet-accessible on-prem deployments are likely exposed.

fromThe Hacker News

3 weeks ago

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company said in an advisory released February 6, 2026. "By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user." The vulnerability, categorized as an operating system command injection, has been assigned the CVE identifier CVE-2026-1731.

Information security

#cve-2026-1731#cve-2026-1731

Hospitals at Risk of BeyondTrust Ransomware Hacks - DataBreaches.Net

BeyondTrust Vulnerability Exploited in Ransomware Attacks

BeyondTrust Vulnerability Targeted by Hackers Within 24 Hours of PoC Release

Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability