Authentication Bypass Vulnerability in BeyondTrust Remote Support
CVE-2026-40139
9.2CRITICAL
What is CVE-2026-40139?
A significant vulnerability exists in the authentication subsystem of BeyondTrust Remote Support, allowing for improper handling of authentication requests. This flaw can enable an unauthenticated remote attacker to bypass established access controls, potentially granting unauthorized access to sensitive areas of the appliance, including high-privilege accounts. Successful exploitation is contingent upon specific authentication configuration settings being enabled.
Affected Version(s)
Privileged Remote Access 0 < 26.2.1
Privileged Remote Access 0 < 25.3.3
Remote Support 0 < 26.2.1
