BeyondTrust has launched updates to handle a vital security flaw impacting Distant Assist (RS) and Privileged Distant Entry (PRA) merchandise that, if efficiently exploited, might end in distant code execution.
“BeyondTrust Distant Assist (RS) and sure older variations of Privileged Distant Entry (PRA) include a vital pre-authentication distant code execution vulnerability,” the corporate mentioned in an advisory launched February 6, 2026.
“By sending specifically crafted requests, an unauthenticated distant attacker might be able to execute working system instructions within the context of the location person.”
The vulnerability, categorized as an working system command injection, has been assigned the CVE identifier CVE-2026-1731. It is rated 9.9 on the CVSS scoring system.
BeyondTrust mentioned profitable exploitation of the shortcoming might enable an unauthenticated distant attacker to execute working system instructions within the context of the location person, leading to unauthorized entry, knowledge exfiltration, and repair disruption.
The problem impacts the next variations –
- Distant Assist variations 25.3.1 and prior
- Privileged Distant Entry variations 24.3.4 and prior
It has been patched within the following variations –
- Distant Assist – Patch BT26-02-RS, 25.3.2 and later
- Privileged Distant Entry – Patch BT26-02-PRA, 25.1.1 and later
The corporate can also be urging self-hosted prospects of Distant Assist and Privileged Distant Entry to manually apply the patch if their occasion just isn’t subscribed to automated updates. These working a Distant Assist model older than 21.3 or on Privileged Distant Entry older than 22.1 are additionally required to improve to a more moderen model to use this patch.
“Self-hosted prospects of PRA might also improve to 25.1.1 or a more moderen model to remediate this vulnerability,” it added.
Based on security researcher and Hacktron AI co-founder Harsh Jaiswal, the vulnerability was found on January 31, 2026, by a man-made intelligence (AI)-enabled variant evaluation, including that it discovered about 11,000 situations uncovered to the web. Further particulars of the flaw have been withheld to offer customers time to use the patches.
“About ~8,500 of these are on-prem deployments, which stay probably susceptible if patches aren’t utilized,” Jaiswal and Mohan Sri Rama Krishna Pedhapati mentioned.
With security flaws in BeyondTrust Privileged Distant Entry and Distant Assist having come underneath lively exploitation previously, it is important that customers replace to the newest model as quickly as doable for optimum safety.
