Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
CVE-2026-40140

8.7HIGH

Key Information:

Vendor
CVE Published:
6 July 2026

What is CVE-2026-40140?

BeyondTrust Remote Support and Privileged Remote Access exhibit a vulnerability in the network communication subsystem. This flaw involves inadequate validation of client-supplied input, which may enable unauthenticated remote attackers to exploit the system. As a result, they could trigger a denial-of-service condition, ultimately compromising the availability of the affected appliances and disrupting normal operations.

Affected Version(s)

Privileged Remote Access 0 < 26.2.1

Privileged Remote Access 0 < 25.3.3

Remote Support 0 < 26.2.1

References

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.