Beyondtrust: >> Remote Support >> 10.0.6 Security Vulnerabilities
CVE-2026-1731
BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.
Known exploited
CVSS Score
9.8
EPSS Score
0.716
Published
2026-02-06
CVE-2024-12686
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow an attacker with existing administrative privileges to inject commands and run as a site user.
Known exploited
CVSS Score
6.6
EPSS Score
0.334
Published
2024-12-18
CVE-2024-12356
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) products which can allow an unauthenticated attacker to inject commands that are run as a site user.
Known exploited
CVSS Score
9.8
EPSS Score
0.938
Published
2024-12-17