6 matches found
CVE-2026-1731
CVE-2026-1731 affects BeyondTrust Remote Support (RS) and older Privileged Remote Access (PRA). It is a pre-authentication, unauthenticated remote code execution vulnerability exploitable via crafted requests, enabling code execution in the site user context. Technical details across connected do...
CVE-2026-40138
CVE-2026-40138 is a critical pre-authentication vulnerability in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. The underlying issue is improper validation of authentication data, which could let a network-positioned attacker bypass access controls and ga...
CVE-2025-0217
BeyondTrust Privileged Remote Access (PRA) prior to version 25.1 is affected by a local authentication bypass. An authenticated local attacker can view the ShellJump session details initiated with external tools, enabling unauthorized access to connected sessions. Affected product: BeyondTrust PR...
CVE-2026-40140
BeyondTrust Remote Support and Privileged Remote Access are affected by CVE-2026-40140, a pre-authentication vulnerability in the network communication subsystem. The issue stems from insufficient validation of client-supplied input, enabling an unauthenticated remote attacker to trigger a denial...
CVE-2026-40139
BeyondTrust Remote Support authentication subsystem contains a critical pre-authentication vulnerability (CVE-2026-40139). Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including...
CVE-2026-40141
CVE-2026-40141 affects the web application component of BeyondTrust Remote Support and Privileged Remote Access. The issue stems from insufficient validation of user-supplied input, which could allow an authenticated attacker with limited privileges to access resources or data beyond their author...