Critical flaw in BeyondTrust Remote Support sees early signs of exploitation

The vulnerability is a variant of a CVE linked to the 2024 hack of the U.S. Treasury Department, according to researchers.

CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively ...
The Hacker News

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

BeyondTrust fixes CVSS 9.9 pre-auth RCE flaw (CVE-2026-1731) in Remote Support and PRA; 11,000 instances exposed.

BeyondTrust warns of critical RCE flaw in remote support software

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...
CSO Online

Critical BeyondTrust RS vulnerability exploited in active attacks

Researchers have detected attacks that compromised Bomgar appliances, many of which have reached end of life, creating problems for enterprises seeking to patch.

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.
Infosecurity-magazine.com

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

The US government has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities. The alert from the Cybersecurity and Infrastructure ...
Hosted on MSN

Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight

Several H3C Magic router models have critical vulnerabilities The vulnerabilities allow for privilege escalation and command injection No patch has so far been issued for the vulnerabilities Several ...