Detections
Analytics

CVE-2026-1731

critical

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

References

https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731

https://www.securityweek.com/beyondtrust-vulnerability-exploited-in-ransomware-attacks/

https://www.databreachtoday.com/hospitals-at-risk-beyondtrust-ransomware-hacks-a-30818

https://thehackernews.com/2026/02/beyondtrust-flaw-used-for-web-shells.html

https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-dell-flaw-within-3-days/

https://unit42.paloaltonetworks.com/beyondtrust-cve-2026-1731/

https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days/

https://www.bleepingcomputer.com/news/security/critical-beyondtrust-rce-flaw-now-exploited-in-attacks-patch-now/

https://www.securityweek.com/beyondtrust-patches-critical-rce-vulnerability/

https://www.helpnetsecurity.com/2026/02/09/beyondtrust-remote-access-vulnerability-cve-2026-1731/

https://www.bleepingcomputer.com/news/security/beyondtrust-warns-of-critical-rce-flaw-in-remote-support-software/

https://thehackernews.com/2026/02/beyondtrust-fixes-critical-pre-auth-rce.html

https://securityaffairs.com/187776/security/beyondtrust-fixes-critical-pre-auth-bug-allowing-remote-code-execution.html

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731

https://www.beyondtrust.com/trust-center/security-advisories/bt26-02

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293

Details

Source: Mitre, NVD

Published: 2026-02-06

Updated: 2026-02-17

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

CVSS v4

Base Score: 9.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:H/SA:L

Severity: Critical

EPSS

EPSS: 0.60924

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Interest