Ghostwire

CVE-2026-40138: A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and...

CRITICAL CVSS 0.0

Published: July 6, 2026 | Last Modified: July 6, 2026

Description

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References