CISA gives feds 3 days to patch actively exploited BeyondTrust flaw

• CISA gives feds 3 days to patch actively exploited BeyondTrust flaw February 16, 2026 07:33 AM 1 The U.S. • Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days. • BeyondTrust provides identity security services to more than 20,000 customers across over 100 countries, including government agencies and 75% of Fortune 100 companies worldwide. • Tracked asCVE-2026-1731, this remote code execution vulnerability stems from an OS command injection weaknessandaffects BeyondTrust’s Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4 or earlier. • While BeyondTrust patched all Remote Support and Privileged Remote Access SaaS instances on February 2, 2026, on-premise customers must install patches manually. • “Successful exploitation could allow an unauthenticated remote attacker to execute operating system commands in the context of the site user,“BeyondTrust saidwhen it patched the vulnerability on February 6.

Article Summaries:

• The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days. BeyondTrust provides identity security services to more than 20,000 customers across over 100 countries, including government agencies and 75% of Fortune 100 companies worldwide. Tracked as CVE-2026-1731, this remote code execution vulnerability stems from an OS command injection weakness and affects BeyondTrust’s Remote Support 25.3.1 or earlier and Privileged Remote Access 24.3.4

Sources:

• https://www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-beyondtrust-flaw-within-three-days/