CVE Watchtower

CVE-2026-1731NVD

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Severity Level

CRITICAL (9.9)

Published Date

06/02/2026

Last Modified

17/02/2026

Exploitation Status

????

References

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293
https://www.beyondtrust.com/trust-center/security-advisories/bt26-02
https://github.com/win3zz/CVE-2026-1731
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731
https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731