Security · 2h ago
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA
BeyondTrust released updates fixing two critical vulnerabilities (CVE-2026-40138, CVSS 9.2) in Remote Support and Privileged Remote Access products. The flaws allow unauthenticated attackers to take control of affected devices. Users should apply patches immediately.
Meridian48 take
These are the kind of remote-access bugs that attackers love—unauthenticated and critical—so patching speed matters more than the vendor's typical disclosure fanfare.
Read the full reporting
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA →
The Hacker News
beyondtrustauthentication-bypass