logo

BeyondTrust warns of critical flaws in remote access software

ID: aff94a04-9006-538a-b639-9bee3f56e4ea

STIX ID: report--aff94a04-9006-538a-b639-9bee3f56e4ea

Feed Name: Bleeping Computer

Threat Score
75/100

Date Published: 2026-07-07

Date Updated: 2026-07-07

Author: Sergiu Gatlan

...
...

BeyondTrust released patches for critical authentication-bypass vulnerabilities in Remote Support (RS) and Privileged Remote Access (PRA) (CVE-2026-40138, CVE-2026-40139) plus two additional high-severity issues; cloud customers were patched on April 21, 2026, while self-hosted instances must apply the April security rollup or upgrade to RS/PRA 25.3.3+. Shadowserver reports nearly 2,000 RS/PRA instances exposed online. Although there are no confirmed reports of these specific CVEs being exploited in the wild, the vendor and prior incidents show that BeyondTrust flaws have been weaponized previously — including RCEs used to deploy ransomware and intrusions attributed to the Silk Typhoon APT.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.