CVE-2026-1731

9.8 CRITICAL CISA KEV - Actively Exploited

Published: February 06, 2026 Modified: February 17, 2026

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

https://beyondtrustcorp.service-now.com/csm?id=csm_kb_article&sysparm_article=KB0023293

Source: 13061848-ea10-403d-bd75-c83a022c2891

Permissions Required

https://www.beyondtrust.com/trust-center/security-advisories/bt26-02

Source: 13061848-ea10-403d-bd75-c83a022c2891

Vendor Advisory

https://github.com/win3zz/CVE-2026-1731

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit Third Party Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-1731

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

US Government Resource

https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Third Party Advisory

5 reference(s) from NVD

Quick Stats

CVSS v3 Score

9.8 / 10.0

EPSS (Exploit Probability)

68.6%

99th percentile

Exploitation Status

Actively Exploited

Remediation due: 2026-02-16

Weaknesses (CWE)

CWE-78

Affected Vendors

beyondtrust

Related CVEs

CVE-2026-4472 6.3

CVE-2026-4471 4.7

CVE-2026-4470 4.7

CVE-2026-4469 4.7

CVE-2026-33035 N/A