← Back to CVEs

CVE-2026-1731

CRITICALCISA KEV

9.8

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

CVE Details

CVSS v3.1 Score9.8

SeverityCRITICAL

CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack VectorNETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published2/6/2026

Last Modified2/17/2026

Sourcekev

Honeypot Sightings0

CISA KEV

VendorBeyondTrust

ProductRemote Support (RS) and Privileged Remote Access (PRA)

Vulnerability NameBeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability

KEV Date Added2026-02-13

Remediation Due Date2026-02-16

Ransomware UseKnown

Affected Products

beyondtrust:privileged_remote_accessbeyondtrust:remote_support

Weaknesses (CWE)

CWE-78

References

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293(13061848-ea10-403d-bd75-c83a022c2891)

https://www.beyondtrust.com/trust-center/security-advisories/bt26-02(13061848-ea10-403d-bd75-c83a022c2891)

https://github.com/win3zz/CVE-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.