Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Unauthenticated, low-complexity, network-reachable pre-auth flaw (AV:N/AC:L/PR:N/UI:N) with availability-only impact (A:H; C:N/I:N) and no scope change.
Primary rating from Vendor (BT).
CVSS VectorVendor: BT
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem. Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability.
AnalysisAI
Denial-of-service in BeyondTrust Remote Support and Privileged Remote Access appliances lets an unauthenticated remote attacker exhaust or crash the network communication subsystem, taking the appliance offline. The flaw is pre-authentication and network-reachable (CVSS 4.0 8.7, availability-only impact), but affects availability only - no confidentiality or integrity loss. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to the BeyondTrust Remote Support or Privileged Remote Access appliance's network communication subsystem; per AV:N/AC:L/AT:N/PR:N/UI:N there is no authentication, no special configuration, and no user interaction required against a reachable appliance. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) describes an easy, network-based, unauthenticated attack requiring no user interaction, which raises exploitability, but the impact is strictly availability (VC:N/VI:N/VA:H) - there is no data exposure or code execution. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach the appliance over the network sends crafted or malformed input to the pre-authentication network communication subsystem, exhausting resources or crashing the service and rendering the remote-support gateway unavailable. Because no authentication or user interaction is required (AV:N/PR:N/UI:N), the attack can be launched repeatedly from anywhere with connectivity to keep the appliance offline. … |
| Remediation | Patch available per vendor advisory BT26-03 (https://www.beyondtrust.com/trust-center/security-advisories/bt26-03) - apply the vendor-supplied update for both Remote Support and Privileged Remote Access; consult the advisory for the exact fixed version, which is not enumerated in the available input. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all BeyondTrust Remote Support and Privileged Remote Access appliances and document current versions. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Remote Support
View allBeyondTrust Remote Support (RS) and older versions of Privileged Remote Access (PRA) contain a critical pre-authenticati
Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which ca
Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Rem
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injectio
Authentication bypass in BeyondTrust Remote Support (and the related Privileged Remote Access product) lets an unauthent
Pre-authentication access-control bypass in BeyondTrust Remote Support and Privileged Remote Access appliances lets a ne
Improper data-query neutralization (NoSQL injection) in the web application component of BeyondTrust Remote Support and
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijac
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacke
Same weakness CWE-400 – Uncontrolled Resource Consumption
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41888
GHSA-8v46-5p7g-p46j