CVE-2026-40141
BeyondTrust Privileged Remote Access Client Analyse et atténuation des vulnérabilités

Aperçu

CVE-2026-40141 is a high-severity authorization bypass vulnerability in BeyondTrust Remote Support and Privileged Remote Access (PRA) caused by insufficient validation of user-supplied input parameters in a web application component. An authenticated attacker with limited privileges and specific permissions can exploit this flaw to access unintended resources or data beyond their authorization scope. Affected versions include Remote Support and Privileged Remote Access prior to 25.3.3 and prior to 26.2.1. It was published on July 6, 2026, and carries a CVSS v4.0 base score of 8.5 (High) (GitHub Advisory, BeyondTrust Advisory).

Détails techniques

The root cause is classified as CWE-943 (Improper Neutralization of Special Elements in Data Query Logic), which is associated with CAPEC-676 (NoSQL Injection). The vulnerability arises when user-supplied input parameters are processed by a web application component without adequate sanitization, potentially allowing crafted input to alter the intended query logic and retrieve data outside the attacker's authorization scope. Exploitation requires network access, low privileges, no user interaction, and no special attack requirements, making it relatively straightforward for any authenticated user with the relevant permissions (GitHub Advisory, BeyondTrust Advisory).

Impact

Successful exploitation allows an authenticated attacker to access confidential resources or data beyond their intended authorization scope within the vulnerable system, with high confidentiality impact on both the vulnerable and subsequent systems. Additionally, subsequent systems face high integrity and availability impacts, suggesting the potential for broader compromise beyond the initial access point. While direct code execution is not indicated, unauthorized data access in privileged remote access platforms could expose sensitive credentials, session data, or managed endpoint information, facilitating lateral movement within an enterprise environment (GitHub Advisory).

Atténuation et solutions de contournement

BeyondTrust has released patched versions addressing this vulnerability: Remote Support and Privileged Remote Access versions 25.3.3 and 26.2.1 or later are not affected. Organizations should upgrade to these fixed versions as the primary remediation step. As interim measures, applying the principle of least privilege to limit the accounts that hold the specific permissions required for exploitation, and monitoring for unauthorized access attempts to resources beyond normal user authorization levels, are recommended (BeyondTrust Advisory, GitHub Advisory).

Réactions de la communauté

The vulnerability received coverage from multiple security news outlets shortly after disclosure, including The Hacker News, BleepingComputer, CybersecurityNews, and GBHackers, often grouped with related BeyondTrust flaws disclosed simultaneously (The Hacker News, BleepingComputer). Coverage emphasized the risk to enterprise remote access infrastructure given BeyondTrust's role in privileged access management. SOCRadar also published a dedicated blog post analyzing the fixes (SOCRadar). Community sentiment reflected heightened concern given BeyondTrust's history of high-profile vulnerabilities in prior years.

Ressources additionnelles


SourceCe rapport a été généré à l’aide de l’IA

Apparenté BeyondTrust Privileged Remote Access Client Vulnérabilités:

Identifiant CVE

Sévérité

Score

Technologies

Nom du composant

Exploit CISA KEV

A corrigé

Date de publication

CVE-2026-1731CRITICAL9.9
  • BeyondTrust Privileged Remote Access Client logoBeyondTrust Privileged Remote Access Client
  • cpe:2.3:a:beyondtrust:privileged_remote_access
OuiOuiFeb 06, 2026
CVE-2026-40139CRITICAL9.2
  • BeyondTrust Privileged Remote Access Client logoBeyondTrust Privileged Remote Access Client
  • cpe:2.3:a:beyondtrust:privileged_remote_access
NonOuiJul 06, 2026
CVE-2026-40138CRITICAL9.2
  • BeyondTrust Privileged Remote Access Client logoBeyondTrust Privileged Remote Access Client
  • cpe:2.3:a:beyondtrust:privileged_remote_access
NonOuiJul 06, 2026
CVE-2026-40140HIGH8.7
  • BeyondTrust Privileged Remote Access Client logoBeyondTrust Privileged Remote Access Client
  • cpe:2.3:a:beyondtrust:remote_support
NonOuiJul 06, 2026
CVE-2026-40141HIGH8.5
  • BeyondTrust Privileged Remote Access Client logoBeyondTrust Privileged Remote Access Client
  • cpe:2.3:a:beyondtrust:privileged_remote_access
NonOuiJul 06, 2026

Évaluation gratuite des vulnérabilités

Évaluez votre posture de sécurité dans le cloud

Évaluez vos pratiques de sécurité cloud dans 9 domaines de sécurité pour évaluer votre niveau de risque et identifier les failles dans vos défenses.

Demander une évaluation

Obtenez une démo personnalisée

Prêt(e) à voir Wiz en action ?

"La meilleure expérience utilisateur que j’ai jamais vue, offre une visibilité totale sur les workloads cloud."
David EstlickRSSI
"Wiz fournit une interface unique pour voir ce qui se passe dans nos environnements cloud."
Adam FletcherChef du service de sécurité
"Nous savons que si Wiz identifie quelque chose comme critique, c’est qu’il l’est réellement."
Greg PoniatowskiResponsable de la gestion des menaces et des vulnérabilités