CVE-2026-40139 (GCVE-0-2026-40139)

Vulnerability from cvelistv5 – Published: 2026-07-06 16:13 – Updated: 2026-07-07 03:56
VLAI
Title
Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access
Summary
A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-287 - Improper Authentication
Assigner
BT
Impacted products
Vendor Product Version
BeyondTrust Remote Support Affected: 0 , < 26.2.1 (custom)
Affected: 0 , < 25.3.3 (custom)
Create a notification for this product.
BeyondTrust Privileged Remote Access Affected: 0 , < 26.2.1 (custom)
Affected: 0 , < 25.3.3 (custom)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-40139",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-06T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-07T03:56:31.765Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Remote Support",
          "vendor": "BeyondTrust",
          "versions": [
            {
              "lessThan": "26.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "25.3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Privileged Remote Access",
          "vendor": "BeyondTrust",
          "versions": [
            {
              "lessThan": "26.2.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "25.3.3",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan\u003e\u003cspan\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eImproper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
            }
          ],
          "value": "A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.\u00a0Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-06T16:13:02.413Z",
        "orgId": "13061848-ea10-403d-bd75-c83a022c2891",
        "shortName": "BT"
      },
      "references": [
        {
          "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt26-03"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access",
      "x_generator": {
        "engine": "Vulnogram 1.0.2"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "13061848-ea10-403d-bd75-c83a022c2891",
    "assignerShortName": "BT",
    "cveId": "CVE-2026-40139",
    "datePublished": "2026-07-06T16:13:02.413Z",
    "dateReserved": "2026-04-09T18:36:13.133Z",
    "dateUpdated": "2026-07-07T03:56:31.765Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-40139",
      "date": "2026-07-07",
      "epss": "0.00716",
      "percentile": "0.49292"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-40139\",\"sourceIdentifier\":\"13061848-ea10-403d-bd75-c83a022c2891\",\"published\":\"2026-07-06T17:16:30.920\",\"lastModified\":\"2026-07-07T05:16:50.963\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.\u00a0Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.\"}],\"affected\":[{\"source\":\"13061848-ea10-403d-bd75-c83a022c2891\",\"affectedData\":[{\"vendor\":\"BeyondTrust\",\"product\":\"Remote Support\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"26.2.1\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"25.3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]},{\"vendor\":\"BeyondTrust\",\"product\":\"Privileged Remote Access\",\"defaultStatus\":\"unaffected\",\"versions\":[{\"version\":\"0\",\"lessThan\":\"26.2.1\",\"versionType\":\"custom\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"25.3.3\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"13061848-ea10-403d-bd75-c83a022c2891\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.2,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-07-06T00:00:00+00:00\",\"id\":\"CVE-2026-40139\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"13061848-ea10-403d-bd75-c83a022c2891\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://www.beyondtrust.com/trust-center/security-advisories/bt26-03\",\"source\":\"13061848-ea10-403d-bd75-c83a022c2891\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-40139\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-07-06T18:54:58.730122Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-07-06T18:55:05.000Z\"}}], \"cna\": {\"title\": \"Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Remote Access\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115 Authentication Bypass\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"Safety\": \"NOT_DEFINED\", \"version\": \"4.0\", \"Recovery\": \"NOT_DEFINED\", \"baseScore\": 9.2, \"Automatable\": \"NOT_DEFINED\", \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"valueDensity\": \"NOT_DEFINED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N\", \"exploitMaturity\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"PRESENT\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"BeyondTrust\", \"product\": \"Remote Support\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"26.2.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"25.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"BeyondTrust\", \"product\": \"Privileged Remote Access\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"26.2.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"25.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.beyondtrust.com/trust-center/security-advisories/bt26-03\"}], \"x_generator\": {\"engine\": \"Vulnogram 1.0.2\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.\\u00a0Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan\u003e\u003cspan\u003eA critical pre-authentication vulnerability exists in the authentication subsystem of \u003c/span\u003e\u003cspan\u003eBeyondTrust\u003c/span\u003e\u003cspan\u003e Remote Support.\u0026nbsp;\u003c/span\u003e\u003c/span\u003eImproper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"providerMetadata\": {\"orgId\": \"13061848-ea10-403d-bd75-c83a022c2891\", \"shortName\": \"BT\", \"dateUpdated\": \"2026-07-06T16:13:02.413Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-40139\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-07T03:56:31.765Z\", \"dateReserved\": \"2026-04-09T18:36:13.133Z\", \"assignerOrgId\": \"13061848-ea10-403d-bd75-c83a022c2891\", \"datePublished\": \"2026-07-06T16:13:02.413Z\", \"assignerShortName\": \"BT\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…