BeyondTrust warns of critical RCE in Remote Support
⚠️BeyondTrust has issued an urgent advisory for a critical pre-authentication remote code execution vulnerability tracked as CVE-2026-1731 affecting Remote Support (≤25.3.1) and Privileged Remote Access (≤24.3.4). The flaw is an OS command injection discovered by Harsh Jaiswal and the Hacktron AI team and can be exploited by unauthenticated attackers without user interaction. BeyondTrust says cloud systems were secured by February 2, 2026 and advises on‑premises customers to upgrade to RS 25.3.2 or PRA 25.1.1 immediately.
