Forwarded from National Cybersecurity Information Sharing and Analysis Center: Cybersecurity Alert NISAC-200-202602-00000092
[Content Description]
Researchers have discovered an OS Command Injection vulnerability (CVE-2026-1731) in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA). An unauthenticated remote attacker could inject arbitrary operating system commands and execute them on the server.
This vulnerability has already been exploited by attackers. Please confirm whether your deployments are affected and apply the patch as soon as possible.
[Affected Platforms]
Remote Support versions 25.3.1 and earlier
Privileged Remote Access versions 24.3.4 and earlier
[Recommended Actions]
An official patch has been released to address this vulnerability. Please refer to the vendor's advisory for update instructions: https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
[References]
1. https://nvd.nist.gov/vuln/detail/CVE-2026-1731
2. https://www.beyondtrust.com/trust-center/security-advisories/bt26-02