Critical Vulnerability CVE-2026-1731 Exploited in BeyondTrust Remote Access Products

Threat actors are actively exploiting a critical vulnerability, CVE-2026-1731 (CVSS score: 9.9), in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) products. The flaw is being leveraged to deploy VShell, establish persistence, move laterally within networks, and gain control over compromised systems. No specific timeline or attribution to particular threat groups was provided in the reported attacks. The vulnerability affects BeyondTrust’s remote access solutions, though the exact versions impacted were not detailed. Exploitation enables attackers to escalate privileges and maintain access to targeted environments.