Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-40141— High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access

AI Predicted 6.5 Difficulty: Easy EPSS 0.48% · P38

Affected Version Matrix 2

VendorProductVersion RangeStatus
BeyondTrustPrivilege Remote Access≤ 25.3.2affected
BeyondTrustRemote Support≤ 25.3.2affected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-40141

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
High-Severity Vulnerability In Web Application Component of BeyondTrust Remote Support and Privileged Remote Access
Source: NVD (National Vulnerability Database)
Vulnerability Description
A high-severity vulnerability exists in a web application component of BeyondTrust Remote Support and Privileged Remote Access related to the processing of certain input parameters. Insufficient validation of user-supplied input may allow an authenticated attacker with limited privileges to access unintended resources or data beyond their authorization scope. Exploitation is restricted to accounts with specific permissions.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
数据查询逻辑中特殊元素的不当中和
Source: NVD (National Vulnerability Database)
Vulnerability Title
BeyondTrust Remote Support 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
BeyondTrust remote support是美国BeyondTrust公司的一款远程支持工具。 BeyondTrust Remote Support 26.2.1之前版本和25.3.3之前版本以及Privilege Remote Access 26.2.1之前版本和25.3.3之前版本存在输入验证错误漏洞,该漏洞源于对用户提供的输入验证不足,可能导致具有特定权限的经身份验证攻击者访问未授权的资源或数据。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
BeyondTrustRemote Support 0 ~ 25.3.2 -
BeyondTrustPrivilege Remote Access 0 ~ 25.3.2 -

II. Public POCs for CVE-2026-40141

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-40141

登录查看更多情报信息。

Vendor Advisories for CVE-2026-40141 (1)

Same Patch Batch · BeyondTrust · 2026-07-06 · 4 CVEs total

CVE-2026-40139Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Rem
CVE-2026-40138Critical Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privileged Rem
CVE-2026-40140High-Severity Pre-Authentication Vulnerability in BeyondTrust Remote Support and Privilege

IV. Related Vulnerabilities

V. Comments for CVE-2026-40141

No comments yet


Leave a comment