Critical RCE Vulnerability in BeyondTrust Software Requires Immediate Patching

Severity: High (Score: 67.0)

Sources: Acumencyber, Securityonline.Info, Yahoo, Theregister, Oracle

Summary

BeyondTrust has issued a warning regarding a critical remote code execution (RCE) vulnerability in its Remote Support and Privileged Remote Access software. The flaw, tracked as CVE-2026-1731, allows unauthenticated attackers to execute arbitrary code remotely and affects versions 25.3.1 or earlier of Remote Support and 24.3.4 or earlier of Privileged Remote Access. Users are advised to apply the patches released on February 6, 2026, to mitigate the risk of exploitation.

Key Entities

• Silk Typhoon (apt_group)
• Data Breach (attack_type)
• Remote Code Execution (attack_type)
• Zero-day Exploit (attack_type)
• BeyondTrust (tool)
• Committee On Foreign Investment In The United States (company)
• Office Of Foreign Assets Control (company)
• Oracle (company)
• U.S. Department Of The Treasury (company)
• U.S. Treasury Department (company)
• Belgium (country)
• China (country)
• France (country)
• Germany (country)
• Italy (country)
• CVE-2017-10151 (cve)
• CVE-2024-12356 (cve)
• CVE-2024-12686 (cve)
• CVE-2025-1094 (cve)
• CVE-2025-1382 (cve)
• cvefeed.io (domain)
• Energy (industry)
• Finance (industry)
• Financial (industry)
• Government (industry)
• Healthcare (industry)
• T1041 - Exfiltration Over C2 Channel (mitre_attack)
• T1059 - Command and Scripting Interpreter (mitre_attack)
• T1078 - Valid Accounts (mitre_attack)
• T1190 - Exploit Public-Facing Application (mitre_attack)
• T1567 - Exfiltration Over Web Service (mitre_attack)
• BeyondTrust Privileged Remote Access (platform)
• BeyondTrust Remote Support (platform)
• Fusion Middleware (platform)
• Oracle Fusion Middleware (platform)
• Oracle Identity Manager (platform)