Fast Facts
- Attackers can bypass authentication and gain unauthorized control of BeyondTrust RS and PRA devices via CVE-2026-40138 and CVE-2026-40139, especially with specific configurations enabled.
- Unauthenticated remote attackers may exploit CVE-2026-40140 to trigger denial-of-service, disrupting system availability.
- Authenticated users with limited privileges could access unintended resources due to CVE-2026-40141, risking data breaches or privilege escalation.
Threat, Attack Techniques, and Targets
BeyondTrust has released patches for two critical vulnerabilities that impact its Remote Support (RS) and Privileged Remote Access (PRA) products. These flaws are pre-authentication, meaning attackers can exploit them without needing login credentials. The vulnerabilities allow attackers to bypass security controls, gain control of devices, or disrupt services.
Attackers can use these flaws by sending specially crafted requests to the affected systems. The vulnerabilities stem from improper validation of authentication data, authentication requests, or client input. Because the flaws do not require prior access, attackers can target external devices connected to the internet.
The targets are systems running vulnerable versions of BeyondTrust RS and PRA, especially when certain authentication configurations are enabled. Attackers may also aim to access sensitive data or cause system outages.
Impact, Security Implications, and Remediation Guidance
If exploited, these vulnerabilities can lead to serious outcomes. Attackers could take over devices, access data they should not see, or disrupt operations. This could weaken security, result in data breaches, or cause system downtime.
The vulnerabilities are serious because they affect core security elements like access control and resource validation. The most severe flaws could enable unauthenticated attackers to control affected systems.
To protect systems, users should update to the fixed versions: RS 25.3.3 or higher and PRA 25.3.3 or higher. BeyondTrust has addressed these flaws in the specified updates.
Because there are no details about ongoing exploitation, users should consult the vendor or relevant security authorities for further guidance on implementing updates and securing their systems.
Discover More Technology Insights
Explore the future of technology with our detailed insights on Artificial Intelligence.
Explore past and present digital transformations on the Internet Archive.
ThreatIntel-V1
