- BeyondTrust warns of critical RCE flaw CVE-2026-1731 in RS and PRA
- The vulnerability allows operating system commands to be executed without authentication, risking system compromise and data exfiltration.
- Patch released February 2, 2026; ~11,000 exposed instances, mostly on-premises deployments
American cybersecurity company BeyondTrust has warned its customers that its Remote Support (RS) product, as well as certain older versions of Privileged Remote Access (PRA), are vulnerable to a remote code execution flaw that allows threat actors to execute operating system commands in the context of the site user.
In a security advisory posted to the company’s website earlier this week, BeyondTrust said the bug, stemming from an operating system command injection weakness, is tracked as CVE-2026-1731 and was given a severity score of 9.9/10 (critical).
The flaw affects Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier.
Patching the defect
“Successful exploitation requires no authentication or user interaction and can compromise the system, including unauthorized access, data exfiltration, and service interruption,” BeyondTrust warned, adding that a patch has been applied to all customers starting February 2, 2026.
Those running self-hosted instances must apply the patch manually if their instances are not subscribed to automatic updates. BeyondTrust added that those with a Remote Support version older than 21.3 or a Privileged Remote Access version older than 22.1 will need to upgrade to a newer version, and PRA self-hosted customers can also upgrade to 25.1.1 or later.
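For teams triaging their own deployments, the version thresholds above can be turned into a quick inventory check. This is an added example, not BeyondTrust tooling: the hostnames, status labels, `auto_update` flag and inventory format are constructed assumptions, and only the version boundaries come from the article.

```python
# Added example: version triage for the ranges quoted in the article.
AFFECTED_MAX = {"RS": (25, 3, 1), "PRA": (24, 3, 4)}  # this version or earlier is affected
PATCH_FLOOR = {"RS": (21, 3, 0), "PRA": (22, 1, 0)}   # older than this: upgrade before patching

def parse_version(text):
    """Convert '24.3.4' to (24, 3, 4), padded to three fields; reject non-numeric input."""
    parts = text.strip().split(".")
    if not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums))

def triage(product, version_text, auto_update=False):
    """Classify one instance; the version alone cannot prove the patch is installed."""
    product = product.upper()
    if product not in AFFECTED_MAX:
        return "unknown-product"
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparseable-version"
    if version > AFFECTED_MAX[product]:
        return "outside-affected-range"
    if version < PATCH_FLOOR[product]:
        return "upgrade-before-patching"
    # In range and new enough to take the patch (assumed labels for the two follow-ups).
    return "confirm-patch-applied" if auto_update else "apply-patch-manually"

def summarise(inventory):
    """Group hostnames by triage result."""
    groups = {}
    for host, product, version, auto_update in inventory:
        groups.setdefault(triage(product, version, auto_update), []).append(host)
    return groups

# Constructed sample inventory: (hostname, product, version, subscribed to automatic updates)
SAMPLE_INVENTORY = [
    ("rs-01.example.internal", "RS", "25.3.1", False),
    ("rs-02.example.internal", "RS", "21.2.4", False),
    ("rs-03.example.internal", "RS", "25.3.2", True),
    ("pra-01.example.internal", "PRA", "24.3.4", True),
    ("pra-02.example.internal", "PRA", "22.0", False),
    ("pra-03.example.internal", "PRA", "25.1.1", False),
]

if __name__ == "__main__":
    for status, hosts in sorted(summarise(SAMPLE_INVENTORY).items()):
        print(f"{status}: {', '.join(hosts)}")
```

An instance reported as `apply-patch-manually` may already have been patched by hand; confirm against the appliance's own patch status before closing the item.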
BeyondTrust is a leading provider of identity security services, with more than 20,000 customers in more than 100 countries around the world.
Harsh Jaiswal and the Hacktron AI team, who were credited with finding the flaw, said that approximately 11,000 instances are exposed to the internet, including both cloud and on-premises deployments. “Approximately 8,500 of these are on-premises deployments that remain potentially vulnerable if unpatched,” Hacktron said.
Commenting on the findings, BeyondTrust told BleepingComputer that it found no evidence that the glitch has been abused in the wild.
Via BleepingComputer