BeyondTrust
-
CISA orders federal agencies to patch BeyondTrust flaw within three days
CISA ordered federal agencies to secure BeyondTrust Remote Support instances by February 16 after CVE-2026-1731 was added to its Known Exploited Vulnerabilities catalog. The flaw allows unauthenticated remote command execution and on-premises patches must be installed manually.
-
In-the-wild exploitation observed for critical BeyondTrust RCE CVE-2026-1731
Researchers observed overnight exploitation attempts for CVE-2026-1731 targeting BeyondTrust Remote Support and Privileged Remote Access. The flaw is rated CVSS 9.9. Patches are available for affected versions and administrators should apply updates immediately.
-
BeyondTrust patches critical pre-auth RCE in Remote Support and Privileged Remote Access
BeyondTrust released patches for CVE-2026-1731, a critical pre-auth remote code execution flaw affecting Remote Support and older Privileged Remote Access versions. Self-hosted instances must apply updates or upgrade to reach patchable releases.
