CVE-2026-40139: CWE-287 Improper Authentication in BeyondTrust Remote Support
A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.
AI Analysis
Technical Summary
This vulnerability (CVE-2026-40139) in BeyondTrust Remote Support involves improper authentication processing that may allow unauthenticated remote attackers to bypass access controls. The flaw affects the authentication subsystem and can lead to unauthorized access to the appliance, including accounts with elevated privileges. Exploitation depends on a particular authentication configuration being enabled. The CVSS 4.0 base score is 9.2, indicating critical severity. No vendor advisory or patch information is currently available, and the product is not a cloud service.
Potential Impact
Successful exploitation can result in unauthorized remote access to the BeyondTrust Remote Support appliance without authentication, potentially granting attackers elevated privileges. This compromises the confidentiality, integrity, and availability of the system and any managed endpoints or data accessible through it.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, review and disable the specific authentication configuration required for exploitation if possible, and restrict network access to the appliance to trusted sources only.
CVE-2026-40139: CWE-287 Improper Authentication in BeyondTrust Remote Support
Description
A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support. Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.
CVSS v4.0
Score 9.2critical
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CVE-2026-40139) in BeyondTrust Remote Support involves improper authentication processing that may allow unauthenticated remote attackers to bypass access controls. The flaw affects the authentication subsystem and can lead to unauthorized access to the appliance, including accounts with elevated privileges. Exploitation depends on a particular authentication configuration being enabled. The CVSS 4.0 base score is 9.2, indicating critical severity. No vendor advisory or patch information is currently available, and the product is not a cloud service.
Potential Impact
Successful exploitation can result in unauthorized remote access to the BeyondTrust Remote Support appliance without authentication, potentially granting attackers elevated privileges. This compromises the confidentiality, integrity, and availability of the system and any managed endpoints or data accessible through it.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, review and disable the specific authentication configuration required for exploitation if possible, and restrict network access to the appliance to trusted sources only.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- BT
- Date Reserved
- 2026-04-09T18:36:13.133Z
- Cvss Version
- 4.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a4bdd5a27e9c79719dab24a
Added to database: 07/06/2026, 16:52:42 UTC
Last enriched: 07/06/2026, 17:07:21 UTC
Last updated: 07/06/2026, 19:07:21 UTC
Views: 13
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.