Skip to main content

Privileged Remote Access

10 CVEs product

Monthly

CVE-2026-40140 HIGH PATCH NEWS This Week

Denial-of-service in BeyondTrust Remote Support and Privileged Remote Access appliances lets an unauthenticated remote attacker exhaust or crash the network communication subsystem, taking the appliance offline. The flaw is pre-authentication and network-reachable (CVSS 4.0 8.7, availability-only impact), but affects availability only - no confidentiality or integrity loss. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Denial Of Service Remote Support Privileged Remote Access
NVD
CVSS 4.0
8.7
EPSS
0.6%
CVE-2026-40139 CRITICAL PATCH NEWS Act Now

Authentication bypass in BeyondTrust Remote Support (and the related Privileged Remote Access product) lets an unauthenticated remote attacker defeat access controls in the appliance's authentication subsystem and log in as arbitrary accounts, including highly privileged ones. Rated CVSS 4.0 9.2 (critical) and tracked as CWE-287 (Improper Authentication), the flaw is pre-authentication and network-reachable but is gated by a specific authentication configuration being enabled, reflected in the vector's Attack Requirements (AT:P). No public exploit identified at time of analysis, and the issue is not on CISA KEV.

Authentication Bypass Remote Support Privileged Remote Access
NVD VulDB
CVSS 4.0
9.2
EPSS
0.7%
CVE-2026-40138 CRITICAL PATCH NEWS Act Now

Pre-authentication access-control bypass in BeyondTrust Remote Support and Privileged Remote Access appliances lets a network-positioned attacker abuse improper authentication-data validation to reach the appliance and take over accounts, including privileged ones. Exploitation only works when a specific authentication configuration is enabled, and success requires overcoming meaningful attack conditions (CVSS 4.0 AC:H/AT:P). No public exploit has been identified at time of analysis and it is not on CISA KEV, but the pre-auth nature and privileged-access role of these appliances make it high-priority for internet-exposed deployments.

Authentication Bypass Remote Support Privileged Remote Access
NVD VulDB
CVSS 4.0
9.2
EPSS
0.4%
CVE-2026-1731 CRITICAL POC KEV EUVD KEV THREAT Emergency

BeyondTrust Remote Support (RS) and older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability (CVE-2026-1731) that allows unauthenticated attackers to execute OS commands through specially crafted requests. With EPSS 66% and KEV listing with public PoC, this vulnerability is devastating because these products are specifically designed for privileged remote access — compromising them grants attackers access to the most sensitive systems in an organization.

RCE Remote Support Privileged Remote Access
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
66.1%
Threat
6.9
CVE-2025-5309 CRITICAL Act Now

Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Remote Access (PRA) that enables unauthenticated remote code execution with a critical CVSS score of 9.8. The vulnerability affects the chat messaging functionality across both products with no authentication or user interaction required, allowing attackers to execute arbitrary code on affected systems. This is a critical severity issue requiring immediate patching.

RCE Code Injection Remote Support Privileged Remote Access
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-0217 HIGH This Week

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privileged Remote Access
NVD
CVSS 4.0
7.3
EPSS
0.1%
CVE-2024-12686 HIGH KEV THREAT This Week

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD
CVSS 3.1
7.2
EPSS
13.8%
CVE-2024-12356 CRITICAL POC KEV THREAT Emergency

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD
CVSS 3.1
9.8
EPSS
88.0%
CVE-2023-23632 HIGH This Week

BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privileged Remote Access
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-4310 CRITICAL Act Now

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD
CVSS 3.1
9.8
EPSS
1.4%
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Denial-of-service in BeyondTrust Remote Support and Privileged Remote Access appliances lets an unauthenticated remote attacker exhaust or crash the network communication subsystem, taking the appliance offline. The flaw is pre-authentication and network-reachable (CVSS 4.0 8.7, availability-only impact), but affects availability only - no confidentiality or integrity loss. No public exploit identified at time of analysis, and it is not listed in CISA KEV.

Denial Of Service Remote Support Privileged Remote Access
NVD
EPSS 1% CVSS 9.2
CRITICAL PATCH Act Now

Authentication bypass in BeyondTrust Remote Support (and the related Privileged Remote Access product) lets an unauthenticated remote attacker defeat access controls in the appliance's authentication subsystem and log in as arbitrary accounts, including highly privileged ones. Rated CVSS 4.0 9.2 (critical) and tracked as CWE-287 (Improper Authentication), the flaw is pre-authentication and network-reachable but is gated by a specific authentication configuration being enabled, reflected in the vector's Attack Requirements (AT:P). No public exploit identified at time of analysis, and the issue is not on CISA KEV.

Authentication Bypass Remote Support Privileged Remote Access
NVD VulDB
EPSS 0% CVSS 9.2
CRITICAL PATCH Act Now

Pre-authentication access-control bypass in BeyondTrust Remote Support and Privileged Remote Access appliances lets a network-positioned attacker abuse improper authentication-data validation to reach the appliance and take over accounts, including privileged ones. Exploitation only works when a specific authentication configuration is enabled, and success requires overcoming meaningful attack conditions (CVSS 4.0 AC:H/AT:P). No public exploit has been identified at time of analysis and it is not on CISA KEV, but the pre-auth nature and privileged-access role of these appliances make it high-priority for internet-exposed deployments.

Authentication Bypass Remote Support Privileged Remote Access
NVD VulDB
EPSS 66% 6.9 CVSS 9.8
CRITICAL POC KEV EUVD KEV THREAT Emergency

BeyondTrust Remote Support (RS) and older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability (CVE-2026-1731) that allows unauthenticated attackers to execute OS commands through specially crafted requests. With EPSS 66% and KEV listing with public PoC, this vulnerability is devastating because these products are specifically designed for privileged remote access — compromising them grants attackers access to the most sensitive systems in an organization.

RCE Remote Support Privileged Remote Access
NVD GitHub VulDB
EPSS 1% CVSS 9.8
CRITICAL Act Now

Server-Side Template Injection (SSTI) vulnerability in the chat feature of Citrix Remote Support (RS) and Privileged Remote Access (PRA) that enables unauthenticated remote code execution with a critical CVSS score of 9.8. The vulnerability affects the chat messaging functionality across both products with no authentication or user interaction required, allowing attackers to execute arbitrary code on affected systems. This is a critical severity issue requiring immediate patching.

RCE Code Injection Remote Support +1
NVD
EPSS 0% CVSS 7.3
HIGH This Week

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privileged Remote Access
NVD
EPSS 14% CVSS 7.2
HIGH KEV THREAT This Week

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD
EPSS 88% CVSS 9.8
CRITICAL POC KEV THREAT Emergency

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD
EPSS 0% CVSS 7.8
HIGH This Week

BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Privileged Remote Access
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) versions 23.2.1 and 23.2.2 contain a command injection vulnerability which can be exploited through a malicious HTTP request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Privileged Remote Access Remote Support
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy