The Threat CodexFeb 9
CVE-2026-1731: Pre-Auth RCE in BeyondTrust Remote Support & PRA
#BeyondTrust #BeyondTrustSecureRemoteAccess #CVE_2026_1731
https://www.hacktron.ai/blog/cve-2026-1731-beyondtrust-remote-support-rce
When Your VPN Opens Your Private Network to the Public

How AI-assisted reverse engineering of stripped PAN-OS binaries led to finding a JWT algorithm confusion vulnerability in GlobalProtect's Cloud Authentication Service, enabling full VPN auth bypass with just a username.

Hacktron AI
The Threat CodexJun 18, 2025
BeyondTrust Remote Support: How template injection can lead to remote code execution
#BeyondTrust #BeyondTrustSecureRemoteAccess #CVE_2025_5309
https://www.resillion.com/latest-news/beyondtrust-remote-support-how-template-injection-can-lead-to-remote-code-execution/
BeyondTrust Remote Support: How template injection can lead to remote code execution

The vulnerability was disclosed to BeyondTrust through their Responsible Disclosure program on 6 May 2025. A couple of weeks later,

Resillion
The Threat CodexDec 20, 2024
BeyondTrust says hackers breached Remote Support SaaS instances
#BeyondTrust #BeyondTrustSecureRemoteAccess #CVE_2024_12356 #CVE_2024_12686
https://www.bleepingcomputer.com/news/security/beyondtrust-says-hackers-breached-remote-support-saas-instances/
BeyondTrust says hackers breached Remote Support SaaS instances

Privileged access management company BeyondTrust suffered a cyberattack in early December after threat actors breached some of its Remote Support SaaS instances.

BleepingComputer