好的,我现在需要帮用户总结一篇文章的内容,控制在100个字以内。用户给的文章是关于BeyondTrust修复了一个严重的预认证漏洞,允许远程代码执行。 首先,我得通读文章,抓住关键点。文章提到BeyondTrust修补了Remote Support和PRA中的一个严重漏洞,CVE-2026-1731,CVSS评分9.9。这个漏洞允许未经身份验证的攻击者发送特制请求,执行操作系统命令,导致远程代码执行。影响版本包括Remote Support 25.3.1及之前版本,PRA 24.3.4及之前版本。修复版本分别是RS的25.3.2及以上和PRA的25.1.1及以上。 接下来,用户要求总结在100字以内,并且不要以“文章内容总结”之类的开头。我需要简洁明了地表达这些关键点:BeyondTrust修补了漏洞,影响哪些产品和版本,漏洞的严重性以及修复措施。 然后考虑用词要准确且简洁。比如,“修补”、“严重预认证漏洞”、“远程代码执行”、“影响版本”、“修复版本”。同时确保信息完整,包括CVE编号和CVSS评分可能不需要详细提及,因为用户可能只需要概括。 最后组织语言:BeyondTrust修补了Remote Support和PRA中的一个严重预认证漏洞(CVE-2026-1731),该漏洞允许未经身份验证的攻击者远程执行代码。受影响版本包括Remote Support 25.3.1及之前和PRA 24.3.4及之前;修复版本为RS 25.3.2及以上和PRA 25.1.1及以上。 检查字数是否在限制内,并确保没有遗漏重要信息。 </think> BeyondTrust修补了Remote Support和PRA中的一个严重预认证漏洞(CVE-2026-1731),该漏洞允许未经身份验证的攻击者远程执行代码。受影响版本包括Remote Support 25.3.1及之前和PRA 24.3.4及之前;修复版本为RS 25.3.2及以上和PRA 25.1.1及以上。 2026-2-9 19:52:26 Author: securityaffairs.com(查看原文) 阅读量:0 收藏
BeyondTrust fixes critical pre-auth bug allowing remote code execution
Pierluigi Paganini
February 09, 2026
BeyondTrust patched a critical pre-auth flaw in Remote Support and PRA that could let attackers execute code remotely.
BeyondTrust released security updates to address a critical flaw, tracked as CVE-2026-1731 (CVSS score of 9.9), in its Remote Support and older Privileged Remote Access products. The bug could allow an unauthenticated attacker to send specially crafted requests and run operating system commands remotely, without logging in. The issue, disclosed on February 6, 2026, could lead to full remote code execution if exploited, making the updates essential to prevent abuse.
“BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability.” reads the advisory. “By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.”
Exploiting the flaw would let a remote attacker run system commands without authentication or user interaction, potentially leading to full system compromise, data theft, and service disruption.
” Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user.” continues the advisory. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption.”
The vulnerability impacts:
- Remote Support versions 25.3.1 and prior
- Privileged Remote Access versions 24.3.4 and prior
Below are the fixed software versions:
| Product | Version |
|---|---|
| Remote Support | Patch BT26-02-RS |
| 25.3.2 and later | |
| Privileged Remote Access | Patch BT26-02-PRA |
| 25.1.1 and later |
Harsh Jaiswal and the Hacktron AI team reported the vulnerability.
SaaS customers were automatically protected, as the fix was deployed to all Remote Support and Privileged Remote Access cloud environments on February 2, 2026.
For self-hosted deployments, administrators must manually install the patch if automatic updates are not enabled. Systems running older versions must first upgrade to a supported release before applying the fix. In particular, PRA self-hosted customers can resolve the flaw by upgrading to version 25.1.1 or later.
Hacktron AI team reported that roughly 11,000 BeyondTrust Remote Support instances are exposed online across cloud and on-prem environments. Around 8,500 of these are on-prem systems and could remain vulnerable if not patched. The affected deployments are mainly used by large organizations, including enterprises in healthcare, financial services, government, and hospitality sectors.
“At this time, we are withholding technical details to allow affected parties sufficient time to apply patches. We strongly recommend addressing this vulnerability promptly, as exploitation is straightforward.” wrote Hacktron.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, RCE)
如有侵权请联系:admin#unsafe.sh