CVE-2026-1731
Analyzed Analyzed - Analysis Complete
BaseFortify

Publication date: 2026-02-06

Last updated on: 2026-02-17

Assigner: BeyondTrust

Description
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-06
Last Modified
2026-02-17
Generated
2026-06-16
AI Q&A
2026-02-07
EPSS Evaluated
2026-06-14
NVD
CVE-2026-1731
EUVD
EUVD-2026-5559
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
beyondtrust privileged_remote_access to 25.1 (exc)
beyondtrust remote_support to 25.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA). It is a critical pre-authentication remote code execution flaw, meaning an attacker can exploit it without needing to log in or authenticate.

By sending specially crafted requests to the affected systems, an unauthenticated remote attacker may be able to execute operating system commands with the privileges of the site user.

Impact Analysis

This vulnerability can have severe impacts because it allows an unauthenticated attacker to remotely execute arbitrary operating system commands.

Such remote code execution can lead to full system compromise, unauthorized access to sensitive data, disruption of services, and potential lateral movement within a network.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1731. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart