Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • BT26-03 current page
Link copied

BT26-03

Trust Center
Privacy Center

Advisory ID: BT26-03

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • Issue Date: 06-21-2026
  • Updated On: 06-21-2026
  • Max CVSS v4 Score: 9.2
  • Impacted Product(s): Remote Support (RS) & Privilege Remote Access (PRA)

Synopsis

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

This security advisory addresses multiple internally discovered vulnerabilities affecting Remote Support and Privileged Remote Access products. These issues were identified by the BeyondTrust Product Security team as part of ongoing security assessments. Customers are advised to review the details below and update to the fixed versions as outlined.

Summary

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

BeyondTrust Remote Support and Privileged Remote Access are affected by multiple internally discovered vulnerabilities ranging from critical to high severity. These vulnerabilities were identified through BeyondTrust's internal security research program. These vulnerabilities were identified through BeyondTrust's own AI-driven vulnerability research using publicly available AI models (Opus 4.8) and our proprietary research tooling. The work was conducted independently of Project Glasswing.

The most severe vulnerabilities may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance under specific configurations. Additional vulnerabilities may allow service disruption, unintended data access, and under distinct configurations, elevated access by an authenticated user that may impact system integrity.

Vulnerability Details

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Summary table

CVE Severity CVSS v4 Score
CVE-2026-40138 Critical 9.2
CVE-2026-40139 Critical 9.2
CVE-2026-40140 High 8.7
CVE-2026-40141 High 8.5

CVE-2026-40138

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • Severity: Critical
  • CVSS v4 Score: 9.2
  • CVSS v4 Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  • CWE: CWE-287 Improper Authentication

Description

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access.

Impact

Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.

CVE-2026-40139

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • Severity: Critical
  • CVSS v4 Score: 9.2
  • CVSS v4 Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
  • CWE: CWE-287 Improper Authentication

Description

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.

Impact

Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.

CVE-2026-40140

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • Severity: High
  • CVSS v4 Score: 8.7
  • CVSS v4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
  • CWE: CWE-400 Uncontrolled Resource Consumption

Description

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem.

Impact

Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability.

CVE-2026-40141

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • Severity: High
  • CVSS v4 Score: 8.5
  • CVSS v4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
  • CWE: CWE-943 Improper Neutralization of Special Elements in Data Query Logic

Description

A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters.

Impact

Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions.

Mitigation

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

A patch has been applied to all RS/PRA cloud customers as of April 21,2026.

Self-hosted customer should apply the April security rollup patch for the affected version if their instance is not subscribed to automatic updates or upgrade to RS 25.3.3 & above or PRA 25.3.3 & above.

Affected Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Remote Support RS 25.3.2 or lower
Privileged Remote Access PRA 25.3.2 or lower

Fixed Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Remote Support Yes RS patch Security Rollup April 2026 25 RS or Security Rollup April 2026 24 RS dependent on the RS version
Yes RS 25.3.3 & above
Privileged Remote Access Yes PRA patch Security Rollup April 2026 25 PRA or Security Rollup April 2026 24 PRA dependent on the PRA version
Yes PRA 25.3.3 & above

References

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • https://www.cve.org/CVERecord?id=CVE-2026-40138
  • https://www.cve.org/CVERecord?id=CVE-2026-40139
  • https://www.cve.org/CVERecord?id=CVE-2026-40140
  • https://www.cve.org/CVERecord?id=CVE-2026-40141
  • https://nvd.nist.gov/vuln/detail/CVE-2026-40138
  • https://nvd.nist.gov/vuln/detail/CVE-2026-40139
  • https://nvd.nist.gov/vuln/detail/CVE-2026-40140
  • https://nvd.nist.gov/vuln/detail/CVE-2026-40141
  • https://beyondtrustcorp.service-now.com/csm?id=kb_article&sysparm_article=KB0023700

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.