← Zuruck zu CVEs

CVE-2026-1731

CRITICALCISA KEV

9.8

Beschreibung

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht2/6/2026

Zuletzt geandert2/17/2026

Quellekev

Honeypot-Sichtungen0

CISA KEV

HerstellerBeyondTrust

ProduktRemote Support (RS) and Privileged Remote Access (PRA)

SchwachstellennameBeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

KEV Aufnahmedatum2026-02-13

Behebungsfrist2026-02-16

Ransomware-NutzungKnown

Betroffene Produkte

beyondtrust:privileged_remote_accessbeyondtrust:remote_support

Schwachen (CWE)

CWE-78

Referenzen

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293(13061848-ea10-403d-bd75-c83a022c2891)

https://www.beyondtrust.com/trust-center/security-advisories/bt26-02(13061848-ea10-403d-bd75-c83a022c2891)

https://github.com/win3zz/CVE-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.