Remote code execution vulnerability in BeyondTrust Remote Support (RS) and...

9.9 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

AI Analysis

Critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)

Basic Information

ID CVE-2026-1731

Source BT

Published Feb 6, 2026 at 21:49

Affected Product

Vendor BeyondTrust

Product Remote Support(RS) & Privileged Remote Access(PRA)

Affected Versions BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) 0
BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) 0

CWE Classification

CWE-78

AI Assessment

AI Score 9.9 / 10

AI Severity Critical

Vendor BeyondTrust

Product Remote Support (RS) and Privileged Remote Access (PRA)

References

{
    "lastseen": "",
    "description": "BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.",
    "published": "2026-02-06T21:49:20.844Z",
    "modified": "2026-02-06T21:49:20.844Z",
    "type": "cve",
    "title": "Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)",
    "source": "BT",
    "references": "https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293\nhttps://www.beyondtrust.com/trust-center/security-advisories/bt26-02",
    "id": "CVE-2026-1731",
    "bulletinFamily": "",
    "cwe": [
        "CWE-78"
    ],
    "cvelist": null,
    "sourceData": "BeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) 0\nBeyondTrust Remote Support(RS) & Privileged Remote Access(PRA) 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.9,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Remote Support(RS) & Privileged Remote Access(PRA)",
    "version": "0",
    "vendor": "BeyondTrust",
    "ai_description": "Critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)",
    "ai_severity": "Critical",
    "ai_vendor": "BeyondTrust",
    "ai_product": "Remote Support (RS) and Privileged Remote Access (PRA)",
    "ai_version": "0",
    "ai_score": 9.9
}

Remote code execution vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)_CVE-2026-1731