Critical BeyondTrust Vulnerability Allows Hackers Complete System Access

Critical zero-day flaw in BeyondTrust's platforms allows unauthenticated command execution; patch required to prevent severe risks.

By Content Team

Feb 8, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

BeyondTrust disclosed a critical zero-day vulnerability (CVE-2026-1731) in its Remote Support and Privileged Remote Access platforms that lets attackers execute commands without authentication. The flaw affects Remote Support versions 25.3.1 and earlier, plus Privileged Remote Access versions 24.3.4 and prior.

SaaS customers received automatic patches on February 2, 2026, but self-hosted users must manually apply patches BT26-02-RS or BT26-02-PRA. Older versions need upgrades first before patching.

Discovered by Harsh Jaiswal and Hacktron AI using variant analysis, this vulnerability poses severe risks since BeyondTrust products manage privileged access across enterprise networks. Successful attacks could compromise entire organizational infrastructures.

Source: Cybersecurity News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Russian Hackers Target UK Internet Routers for Espionage Operations

Apr 9, 2026

Hackers Exploit React2Shell Flaw to Compromise 700+ Next.js Servers

Apr 4, 2026

Southampton School Closes Four Days After Ransomware Attack

Mar 29, 2026

Frustrated Researcher Leaks Windows Zero-Day Exploit After Microsoft Response Issues

Apr 10, 2026