Critical RCE Vulnerability in BeyondTrust Software Requires Immediate Patching

Critical RCE Vulnerability in BeyondTrust Software Requires Immediate Patching

First seen 9 Feb 2026, 20:04 UTC CybersecuritynewsXGbhackersCyberpressBleepingcomputer+182 87% similarity 67.0

Article Content

Browse articles
ThreatCluster

BeyondTrust has issued a warning regarding a critical remote code execution (RCE) vulnerability in its Remote Support and Privileged Remote Access software. The flaw, tracked as CVE-2026-1731, allows unauthenticated attackers to execute arbitrary code remotely and affects versions 25.3.1 or earlier of Remote Support and 24.3.4 or earlier of Privileged Remote Access. Users are advised to apply the patches released on February 6, 2026, to mitigate the risk of exploitation.

ThreatCluster AI

Timeline

2024-12-17
CVE-2024-12356 published
2024-12-18
CVE-2024-12686 published
2026-02-06
Patches released for CVE-2026-1731
2026-02-09
BeyondTrust warns customers to patch critical RCE flaw

Community

Browse all →