VulnHub

Real-time Cybersecurity News

BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731)

Help Net Security
CVEZero-dayExploitVulnerabilityPatchRCECritical

Overview

BeyondTrust has addressed a serious remote code execution vulnerability, identified as CVE-2026-1731, which affects its Remote Support (RS) and Privileged Remote Access (PRA) solutions. This vulnerability can be exploited without authentication, making it particularly dangerous for self-hosted customers. BeyondTrust is urging users to apply the patch immediately to protect their systems. Unlike a previous zero-day vulnerability exploited by threat actors linked to China, this issue was discovered by a security researcher and disclosed privately. The prompt action by BeyondTrust highlights the necessity for timely vulnerability management in remote access tools, which are critical for many organizations.

Key Takeaways

  • Affected Systems: BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) solutions.
  • Action Required: BeyondTrust has released a patch for CVE-2026-1731.
  • Timeline: Newly disclosed

Original Article Summary

BeyondTrust fixed a critical remote code execution vulnerability (CVE-2026-1731) in its Remote Support (RS) and Privileged Remote Access (PRA) solutions and is urging self-hosted customers to apply the patch as soon a possible. Unlike the Remote Support zero-day (CVE-2024-12356) that was flagged after having been exploited by China-nexus threat actors to breach the US Treasury Department in late 2024, this newest vulnerability was discovered and privately disclosed by a security researcher. About CVE-2026-1731 BeyondTrust Privileged … More → The post BeyondTrust fixes easy-to-exploit pre-auth RCE vulnerability in remote access tools (CVE-2026-1731) appeared first on Help Net Security.

Impact

BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) solutions.

Exploitation Status

No active exploitation has been reported at this time. However, organizations should still apply patches promptly as proof-of-concept code may exist.

Timeline

Newly disclosed

Remediation

BeyondTrust has released a patch for CVE-2026-1731. Self-hosted customers are urged to apply this patch as soon as possible.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to CVE, Zero-day, Exploit, and 4 more.

Read Original Article

Related Coverage

Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility

Security Affairs

Bluesky, a decentralized microblogging platform, was hit by a 24-hour Distributed Denial of Service (DDoS) attack that began on April 15. The attack led to significant service disruptions, impacting users who rely on the platform for communication and information sharing. A pro-Iran hacker group has claimed responsibility for this attack, indicating a possible politically motivated cyber incident. DDoS attacks can overwhelm a service with traffic, rendering it unavailable to legitimate users, which raises concerns about the platform's security and its ability to handle such threats in the future. This incident serves as a reminder of the ongoing risks facing online platforms, especially those involved in social discourse.

Apr 21, 2026

Researchers build an encrypted routing layer for private AI inference

Help Net Security

Researchers have developed a new encrypted routing layer that enhances privacy for organizations using large AI models, particularly in sensitive sectors like healthcare and finance. The method employs Secure Multi-Party Computation (MPC), which breaks down data into encrypted fragments and spreads them across multiple servers. This approach allows the servers to process AI queries without ever accessing the original data, ensuring that sensitive information remains confidential. This advancement is significant as it addresses growing concerns over data privacy when utilizing cloud-based AI services. Companies looking to implement AI while safeguarding private information may find this technology particularly beneficial.

Apr 21, 2026

Multiple other companies purportedly breached by ShinyHunters, over 9M record leak warned

SCM feed for Latest

The hacking group ShinyHunters claims to have breached nine well-known companies, including Zara, 7-Eleven, and Carnival Corporation. They are threatening to release over 9 million records that contain personal information and internal data unless a ransom is paid by April 21. This situation raises significant concerns for the affected brands as it puts customer data at risk and could lead to identity theft or other malicious activities. The release of such a large volume of sensitive information could also damage the reputation of these companies and erode consumer trust. As the deadline approaches, it remains crucial for these organizations to enhance their security measures and communicate transparently with their customers about the potential breach.

Apr 20, 2026

Tycoon 2FA relinquishes crown to similar PhaaS platforms

SCM feed for Latest

The recent dismantling of the Tycoon 2FA phishing-as-a-service platform has left a significant gap in the cybercrime ecosystem. In a crackdown that took down over 300 active domains associated with Tycoon 2FA, security researchers noted that cybercriminals are now shifting their focus to other similar platforms, namely Mamba 2FA, Sneaky 2FA, and EvilProxy. These alternative services have quickly integrated the tools and techniques that made Tycoon 2FA popular among attackers. This transition underscores the persistent nature of phishing threats, as criminals adapt and find new ways to exploit users. The ongoing evolution of these platforms poses a continuous risk to individuals and organizations, highlighting the need for enhanced security measures against phishing attempts.

Apr 20, 2026

Vercel Breach Linked to Context.ai, ShinyHunters Says It’s Not Involved

Hackread – Cybersecurity News, Data Breaches, AI and More

Vercel has confirmed a data breach that is linked to Context.ai, where a hacker is reportedly attempting to sell the stolen data for $2 million. In response to the situation, the hacking group ShinyHunters has publicly denied any involvement and warned that imposters may be falsely claiming to be associated with them. This incident raises concerns about the security of user data at Vercel and highlights the ongoing risks posed by data breaches in the tech industry. Companies like Vercel must take immediate action to investigate the breach and protect their users from potential data exploitation. As the situation develops, it remains crucial for affected users to stay informed about any updates regarding their data security.

Apr 20, 2026

Vercel Employee's AI Tool Access Led to Data Breach

darkreading

A data breach at Vercel was linked to an employee's AI tool that inadvertently exposed sensitive OAuth tokens. These tokens are key for securely accessing APIs and services, and their theft represents a new avenue for cyber attackers, allowing them to move laterally within networks. The incident raises concerns for organizations that rely on OAuth for authentication, as these tokens are crucial for maintaining security. As a result, companies need to reassess their security measures surrounding OAuth token management to prevent similar breaches in the future. This situation serves as a reminder of the vulnerabilities that can arise from integrating AI tools without stringent security protocols.

Apr 20, 2026