Beyondtrust: >> Remote Support >> 25.1.1 Security Vulnerabilities
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
Known exploited
CVSS Score
9.8
EPSS Score
0.756
Published
2026-02-06
The chat feature within Remote Support (RS) and Privileged Remote Access (PRA) is vulnerable to a Server-Side Template Injection vulnerability which can lead to remote code execution.
CVSS Score
9.8
EPSS Score
0.005
Published
2025-06-16