CVE-2026-1731
Published Feb 6, 2026
Last updated 3 months ago
AI description
CVE-2026-1731 is identified as a pre-authentication remote code execution vulnerability impacting BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) products. This flaw, categorized as an operating system command injection, allows an unauthenticated remote attacker to execute operating system commands in the context of the site user. The vulnerability can be exploited by sending specially crafted requests, and successful exploitation does not require any user interaction or prior authentication. BeyondTrust has released updates to address this issue, with patches available for Remote Support versions 25.3.2 and later, and Privileged Remote Access versions 25.1.1 and later.
- Description
- BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
- Source
- 13061848-ea10-403d-bd75-c83a022c2891
- NVD status
- Analyzed
- Products
- privileged_remote_access, remote_support
CVSS 4.0
- Type
- Secondary
- Base score
- 9.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability
- Exploit added on
- Feb 13, 2026
- Exploit action due
- Feb 16, 2026
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- 13061848-ea10-403d-bd75-c83a022c2891
- CWE-78
- Hype score
- Not currently trending
Top 30 CVEs for ecosystem (30 days). Top CVEs: CVE-2022-20775, CVE-2025-40551, CVE-2026-1731 VulnSocial — your risk exposure provider. #vulnsocial #CVE #CyberSecurity #VulnerabilityManagement https://t.co/S02Q7THYkX
@vulnsocial
6 Mar 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 10 CVEs for ecosystem (30 days). CVE-2010-5139 CVE-2004-0200 CVE-2008-0015 CVE-2024-43468 CVE-2025-40551 CVE-2018-17144 CVE-2025-11953 CVE-2026-2441 CVE-2026-1731 https://t.co/cWlQJaYf4S #CyberInsights #SecurityUpdate #CyberTrends #TechSecurity #CyberNews #DataProtection
@vulnsocial
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ペネトレーションテストツールのMetasploitが更新。Linux向けRC4パッカー、OllamaのCVE-2024-37032、BeyondTrustのCVE-2026-1731、GrandstreamのCVE-2026-2329に対応する攻撃コード、Windows向け永続化の追加。 https://t.co/GiidCAOHcs
@__kokumoto
28 Feb 2026
1962 Impressions
5 Retweets
36 Likes
13 Bookmarks
0 Replies
0 Quotes
🚨 Metasploit Update Drops Linux RC4 Evasion + New RCE Exploits for Ollama, BeyondTrust, and VoIP Rapid7’s Feb 27 Metasploit release adds new exploit modules for high-severity RCE issues (including Ollama CVE-2024-37032, BeyondTrust PRA/RS CVE-2026-1731, and Grandstream GXP16
@ThreatSynop
28 Feb 2026
70 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[HIGH] CISA Issues Emergency Patches for Critical Vulnerabilities CISA releases patches for critical flaws in multiple platforms. CVE: CVE-2026-1731, CVE-2025-12543 • APT: Unknown • Status: ACTIVE Urgent action needed t… https://t.co/J2iNIRDDMh
@MysocAi
24 Feb 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Roundcube vulnerabilities (CVE-2025-49113, CVE-2025-68461) and BeyondTrust CVE-2026-1731 exploited in ransomware attacks delivering SparkRAT and VShell. PayPal and FICOBA breaches affect millions. AI and quantum security make progress. #BeyondTrust #PayPal https://t.co/fND6z5Jb1x
@TweetThreatNews
23 Feb 2026
44 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-2441 2 - CVE-2026-25253 3 - CVE-2026-1731 4 - CVE-2026-21509 5 - CVE-2025-32756 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
22 Feb 2026
142 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active exploits surge with critical vulnerabilities in Roundcube CVE-2025-49113/68461 and BeyondTrust CVE-2026-1731 enabling SparkRAT, VShell, and more. ATM jackpotting, PayPal & FICOBA breaches also reported. #Roundcube #ATMJackpot #USA https://t.co/nsNtgjFzgH
@TweetThreatNews
22 Feb 2026
128 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-2648 2 - CVE-2026-1731 3 - CVE-2025-15556 4 - CVE-2025-49113 5 - CVE-2025-6218 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
21 Feb 2026
94 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-6218 2 - CVE-2025-52464 3 - CVE-2026-21509 4 - CVE-2026-20817 5 - CVE-2026-1731 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
20 Feb 2026
104 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2026-20841 2 - CVE-2025-55177 3 - CVE-2026-1731 4 - CVE-2025-9961 5 - CVE-2026-22182 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
16 Feb 2026
111 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-12725 2 - CVE-2026-25253 3 - CVE-2026-1731 4 - CVE-2026-21508 5 - CVE-2025-9961 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
15 Feb 2026
109 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recent reporting by Help Net Security highlights a critical escalation in cyber conflict dynamics as attackers exploit a newly patched remote code execution vulnerability in BeyondTrust software. The flaw, CVE-2026-1731, shares technical similarities with CVE-2024-12356—a
@ox0ffff
15 Feb 2026
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2022-1743 2 - CVE-2026-20841 3 - CVE-2025-15556 4 - CVE-2026-25253 5 - CVE-2026-1731 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
13 Feb 2026
140 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-32711 2 - CVE-2026-1731 3 - CVE-2025-61732 4 - CVE-2026-20817 5 - CVE-2026-25526 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
10 Feb 2026
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical pre-auth RCE has been disclosed in BeyondTrust Remote Support and PRA (CVE-2026-1731, CVSS 9.9) Our intel suggests this is another websocket vuln, similar to CVE-2024-12356 🍯We have added a BeyondTrust RS honeypot stream for Defused TF 👉 https://t.co/GXFaq
@DefusedCyber
9 Feb 2026
7886 Impressions
12 Retweets
51 Likes
10 Bookmarks
0 Replies
1 Quote
Top 5 Trending CVEs: 1 - CVE-2025-55241 2 - CVE-2022-26766 3 - CVE-2026-1731 4 - CVE-2026-20817 5 - CVE-2026-21509 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
8 Feb 2026
130 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A82D26FE-8791-41BC-A71B-4C2FEB81C41C",
"versionEndExcluding": "25.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:beyondtrust:remote_support:*:*:*:*:*:*:*:*",
"matchCriteriaId": "178845B4-26D3-4C94-AED9-1C847B9357F1",
"versionEndExcluding": "25.3.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]