{"id":14113,"date":"2026-07-07T10:03:35","date_gmt":"2026-07-07T10:03:35","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/07\/07\/critical-beyondtrust-flaws-let-attackers-bypass-access-controls-and-gain-unauthorized-access\/"},"modified":"2026-07-07T10:03:35","modified_gmt":"2026-07-07T10:03:35","slug":"critical-beyondtrust-flaws-let-attackers-bypass-access-controls-and-gain-unauthorized-access","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/07\/07\/critical-beyondtrust-flaws-let-attackers-bypass-access-controls-and-gain-unauthorized-access\/","title":{"rendered":"Critical BeyondTrust Flaws Let Attackers Bypass Access Controls and Gain Unauthorized Access"},"content":{"rendered":"<p>    Critical BeyondTrust Flaws Let Attackers Bypass Access Controls and Gain Unauthorized Access<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p class=\"wp-block-paragraph\">BeyondTrust has disclosed multiple critical and high-severity vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) solutions, potentially allowing attackers to <a href=\"https:\/\/cybersecuritynews.com\/beyondtrust-remote-access-products-0-day-vulnerability\/\" target=\"_blank\" rel=\"noreferrer noopener\">bypass access controls<\/a> and gain unauthorized access to sensitive systems.<\/p>\n<p class=\"wp-block-paragraph\">The issues are tracked under Advisory ID BT26-03 and carry a maximum CVSS v4 score of 9.2, indicating a severe risk to impacted environments.<\/p>\n<p class=\"wp-block-paragraph\">According to the advisory, the vulnerabilities were discovered internally by BeyondTrust\u2019s Product Security team as part of its ongoing security research efforts.<\/p>\n<p class=\"wp-block-paragraph\">The company also noted that its findings were supported by <a href=\"https:\/\/cybersecuritynews.com\/surge-in-ai-driven-phishing-attacks\/\" target=\"_blank\" rel=\"noreferrer noopener\">AI-driven vulnerability<\/a> discovery techniques, using both publicly available models and proprietary tools.<\/p>\n<h2 id=\"h-beyondtrust-vulnerabilities\" class=\"wp-block-heading\"><strong>BeyondTrust Vulnerabilities<\/strong><\/h2>\n<p class=\"wp-block-paragraph\">The research was conducted independently and is not related to external projects. The most critical flaws, CVE-2026-40138 and CVE-2026-40139, stem from improper authentication mechanisms in the affected products.<\/p>\n<p class=\"wp-block-paragraph\">These pre-authentication vulnerabilities could allow unauthenticated attackers to bypass access controls under certain configurations.<\/p>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/cybersecuritynews.com\/beyondtrust-vulnerability-exploited\/\" target=\"_blank\" rel=\"noreferrer noopener\">Successful exploitation<\/a> may grant attackers unauthorized access to the appliance, including accounts with elevated privileges, significantly increasing the risk of compromise.<\/p>\n<p class=\"wp-block-paragraph\">CVE-2026-40138 affects both Remote Support and Privileged Remote Access and involves improper validation of authentication data. CVE-2026-40139 specifically impacts Remote Support and is caused by improper processing of authentication requests.<\/p>\n<p class=\"wp-block-paragraph\">In both cases, exploitation depends on specific authentication configurations being enabled. However, no user interaction is required, making them particularly dangerous in exposed environments.<\/p>\n<p class=\"wp-block-paragraph\">In addition to the critical flaws, two high-severity vulnerabilities were also identified. CVE-2026-40140 is a pre-authentication issue in the network communication subsystem that could allow attackers to trigger a denial-of-service condition, potentially disrupting service availability.<\/p>\n<p class=\"wp-block-paragraph\">Meanwhile, CVE-2026-40141 affects a web application component. It could allow authenticated users with limited privileges to access unintended resources due to improper input validation.<\/p>\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/www.beyondtrust.com\/trust-center\/security-advisories\/bt26-03\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">BeyondTrust confirmed<\/a> that cloud-hosted customers were automatically patched as of April 21, 2026. However, organizations using self-hosted deployments remain at risk if updates have not been applied. The vulnerabilities affect Remote Support and PRA versions 25.3.2 and earlier.<\/p>\n<p class=\"wp-block-paragraph\">To mitigate the risk, customers are advised to apply the April 2026 security rollup patches or upgrade to version 25.3.3 or later for both RS and PRA. These updates address all known vulnerabilities outlined in the advisory.<\/p>\n<p class=\"wp-block-paragraph\">Security teams should prioritize patching, especially in environments where <a href=\"https:\/\/cybersecuritynews.com\/beyondtrust-remote-access-support-flaw\/\" target=\"_blank\" rel=\"noreferrer noopener\">remote access tools are exposed<\/a> to external networks.<\/p>\n<p class=\"wp-block-paragraph\">Given the potential for unauthenticated exploitation and privilege escalation, these flaws could be leveraged in targeted attacks or broader intrusion campaigns if left unaddressed.<\/p>\n<p class=\"has-background wp-block-paragraph\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 87%,rgb(169,184,195) 100%)\"><strong>\u00a0Strengthen Your SOC by Accelerating Threat Detection &amp; Rapid Investigations.\u00a0-&gt; <a href=\"https:\/\/any.run\/enterprise\/?utm_source=csn&amp;utm_medium=links&amp;utm_campaign=sandbox&amp;utm_content=enterprise&amp;utm_term=0626#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Integrate ANY.RUN With Your SOC <\/a><strong><a href=\"https:\/\/any.run\/enterprise\/?utm_source=csn&amp;utm_medium=links&amp;utm_campaign=sandbox&amp;utm_content=enterprise&amp;utm_term=0626#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Now<\/a><\/strong>.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/beyondtrust-vulnerabilities\/\">Critical BeyondTrust Flaws Let Attackers Bypass Access Controls and Gain Unauthorized Access<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Abinaya<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/beyondtrust-vulnerabilities\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical BeyondTrust Flaws Let Attackers Bypass Access Controls and Gain Unauthorized Access BeyondTrust has disclosed multiple critical and high-severity vulnerabilities affecting its Remote Support (RS) and Privileged Remote Access (PRA) solutions, potentially allowing attackers to bypass access controls and gain unauthorized access to sensitive systems. The issues are tracked under Advisory ID BT26-03 and carry [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,648],"tags":[130],"class_list":["post-14113","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-vulnerability-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14113"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=14113"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/14113\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=14113"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=14113"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=14113"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}