ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
CRITICAL Vulnerabilities

BeyondTrust fixes pre-auth auth bypass bugs in Remote Support and PRA

Source headline: BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA

Threat level Critical
Signal strength 85/100
Source confidence 1 source
Published 4 hours ago

Intelligence Summary

BeyondTrust has released security updates to remediate two critical authentication bypass vulnerabilities in its Remote Support (RS) and Privileged Remote Access (PRA) products. The most severe issue, CVE-2026-40138, is a pre-authentication flaw that could let an unauthenticated attacker take control of affected devices. The patches are intended to close the logic that allows bypassing authentication checks. Organizations using RS or PRA should review their deployments and apply the vendor updates as soon as possible. Until patched, systems may remain exposed to remote takeover attempts.

Recommended Action

Prioritize immediate review, validate exposure, and patch or mitigate affected systems.

Topics

#auth-bypass #beyondtrust #pra #remote-support #vulnerability-patch
Original reporting The Hacker News BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
Open original source