xCruzo
|
Tech

BeyondTrust Fixes CVSS 9.2 PAM Bypass in Tools State Hackers Have Targeted for 18 Months

Cyber Tech Times ✦ xCruzo 🇺🇸🇪🇸
📄 Read Article
BeyondTrust Fixes CVSS 9.2 PAM Bypass in Tools State Hackers Have Targeted for 18 Months
Browse hubs:CarsAviationMarineMoneySportsTech
xCruzo Brief

BeyondTrust Fixes CVSS 9.2 PAM Bypass in Tools State Hackers Have Targeted for 18 Months, highlighting how a privileged access gateway can turn a remote flaw into full enterprise takeover. On Tuesday, BeyondTrust disclosed four vulnerabilities affecting Remote Support (RS) and Privileged Remote Access (PRA) appliances and software, including two critical pre-authentication bypass issues rated 9.2 on CVSS v4. The company warned that self-hosted customers on version 25.3.2 or earlier that are not enrolled in automatic updates remain exposed, while cloud-hosted customers were patched silently on April 21, 2026. The advisory BT26-03 describes CVE-2026-40138 and CVE-2026-40139 as authentication-subsystem and request-path validation failures that can be exploited without credentials, potentially enabling unauthorized administrative access across managed systems.

xCruzo quick-read summary • Source: Tech Times • Read the full article for complete information.
📄 Read Full Article →
xCruzo xCruzo
See your VIN Report in 15 seconds — Free
1 in 5 cars has an open recall. Is yours one of them?
Not the dealer’s report. Yours.
Choose your detail level — free to full.
For the price of a coffee.
Check My VIN — Free
Free · No credit card · Instant results
Link copied ✓