Skip to main content

BeyondTrust Remote Support EUVDEUVD-2026-41887

| CVE-2026-40139 CRITICAL
Improper Authentication (CWE-287)
2026-07-06 BT GHSA-5wv8-v74x-qrjc
9.2
CVSS 4.0 · Vendor: BT
Share

Severity by source

Vendor (BT) PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.1 HIGH

Remote unauthenticated (AV:N/PR:N/UI:N) with full CIA impact; AC:H reflects the required non-default authentication configuration mapped from the 4.0 AT:P attack requirement.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (BT).

CVSS VectorVendor: BT

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch available
Jul 06, 2026 - 18:02 EUVD
Analysis Generated
Jul 06, 2026 - 17:04 vuln.today
CVE Published
Jul 06, 2026 - 16:13 cve.org
CRITICAL 9.2

DescriptionCVE.org

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.

AnalysisAI

Authentication bypass in BeyondTrust Remote Support (and the related Privileged Remote Access product) lets an unauthenticated remote attacker defeat access controls in the appliance's authentication subsystem and log in as arbitrary accounts, including highly privileged ones. Rated CVSS 4.0 9.2 (critical) and tracked as CWE-287 (Improper Authentication), the flaw is pre-authentication and network-reachable but is gated by a specific authentication configuration being enabled, reflected in the vector's Attack Requirements (AT:P). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Reach appliance authentication endpoint
Delivery
Send crafted authentication requests
Exploit
Bypass access-control checks (CWE-287)
Execution
Authenticate as privileged account
Impact
Access appliance and brokered sessions

Vulnerability AssessmentAI

Exploitation The single hard prerequisite, taken directly from the description, is that a specific authentication configuration must be enabled on the BeyondTrust Remote Support (or Privileged Remote Access) appliance - this is the AT:P (Attack Requirements: Present) factor in the CVSS 4.0 vector, and appliances not using that configuration are not exploitable. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals point to a genuine high priority, with one important caveat. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who can reach the appliance's login interface over the network sends crafted authentication requests that the subsystem processes improperly, bypassing access-control checks and authenticating as a privileged account without valid credentials. Because the appliance brokers remote sessions into managed endpoints, the attacker could then pivot to leverage those privileged sessions. …
Remediation Apply the fixed appliance release identified in BeyondTrust security advisory BT26-03 (https://www.beyondtrust.com/trust-center/security-advisories/bt26-03) - patch available per vendor advisory, but no exact fixed version was provided in the input data, so confirm the target build directly from BT26-03 before upgrading. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Inventory all BeyondTrust Remote Support and Privileged Remote Access deployments; contact BeyondTrust support to identify whether your versions are affected and if the vulnerable authentication configuration is enabled in your environment. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2026-1731 CRITICAL POC
9.8 Feb 06

BeyondTrust Remote Support (RS) and older versions of Privileged Remote Access (PRA) contain a critical pre-authenticati

CVE-2015-0935 HIGH POC
7.5 May 25

Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to

CVE-2024-12356 CRITICAL POC
9.8 Dec 17

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which ca

CVE-2025-5309 CRITICAL
9.8 Jun 16

Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Rem

CVE-2023-4310 CRITICAL
9.8 Sep 05

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injectio

CVE-2026-40138 CRITICAL
9.2 Jul 06

Pre-authentication access-control bypass in BeyondTrust Remote Support and Privileged Remote Access appliances lets a ne

CVE-2026-40140 HIGH
8.7 Jul 06

Denial-of-service in BeyondTrust Remote Support and Privileged Remote Access appliances lets an unauthenticated remote a

CVE-2026-40141 HIGH
8.5 Jul 06

Improper data-query neutralization (NoSQL injection) in the web application component of BeyondTrust Remote Support and

CVE-2017-5996 HIGH
7.8 Oct 26

The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijac

CVE-2024-12686 HIGH
7.2 Dec 18

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacke

Share

EUVD-2026-41887 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy