BeyondTrust RCE flaw enables code execution without login

Norsk Bokmål

A critical remote code execution vulnerability has been discovered in multiple BeyondTrust products. The flaw, rated 9.9 out of 10 in severity, allows hackers to run code on affected systems without needing to log in. The issue was reported on February 10, 2026.

Security researchers have identified a high-severity remote code execution (RCE) flaw in several products from BeyondTrust, a cybersecurity firm. According to TechRadar, this vulnerability permits unauthorized users to execute arbitrary code on vulnerable systems without authentication, posing significant risks to organizations relying on BeyondTrust's software for privileged access management.

The bug receives a CVSS score of 9.9 out of 10, indicating its critical nature due to potential for widespread exploitation. It affects multiple BeyondTrust offerings, though specific products were not detailed in the initial report. BeyondTrust has not yet issued a public response in the available information.

This discovery underscores ongoing challenges in securing enterprise software against sophisticated attacks. Organizations using BeyondTrust products are advised to monitor for patches, as no timeline for fixes was provided in the report published on February 10, 2026.

Relaterte artikler

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Bilde generert av AI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Rapportert av AI Bilde generert av AI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Single errant character triggers high-severity Linux vulnerability

Researchers have identified a high-severity flaw in the Linux kernel that can allow untrusted users to gain root access. The issue stems from one incorrect character in the code.

Microsoft patches critical ASP.NET Core vulnerability on macOS and Linux

Rapportert av AI

Microsoft has released an emergency patch for a high-severity vulnerability in its ASP.NET Core framework, affecting macOS and Linux applications. Tracked as CVE-2026-40372, the flaw allows unauthenticated attackers to gain SYSTEM privileges through forged authentication payloads. The company advises immediate updates and key rotation to fully mitigate risks.

Technology

Google publishes exploit code for unfixed chromium vulnerability

Technology

OpenClaw patches severe vulnerability granting admin access

Linux

US government issues urgent CopyFail warning as Linux patches roll out

Microsoft packages hit with credential-stealing malware for second time

Seventy-three Microsoft open source packages were compromised late last week with malware that steals credentials from cloud services and developer tools. The malicious code activates when opened in AI coding agents.

Universal Robots software flaw exposes factory systems to remote hijacks

Rapportert av AI

A vulnerability in outdated PolyScope software from Universal Robots could let hackers remotely take over factory robots. The flaw impacts thousands of industrial systems worldwide. The issue was highlighted in a report published on May 25, 2026.

torsdag, 18. juni 2026, 00:38

Massive Fortinet breach exposes credentials of major organizations

tirsdag, 9. juni 2026, 04:36

Single character triggers high-severity Linux kernel vulnerability

tirsdag, 26. mai 2026, 07:15

Ghost CMS flaw leveraged in ClickFix attacks

mandag, 25. mai 2026, 12:40

Trend Micro Apex One zero-day exploited in the wild

lørdag, 23. mai 2026, 01:36

Linux kernel flaw lets unprivileged users gain root access

torsdag, 14. mai 2026, 20:13

Zero-day exploit bypasses default windows 11 bitlocker encryption

mandag, 4. mai 2026, 03:03

Red Hat directs users to security page for CopyFail vulnerability

Dette nettstedet bruker informasjonskapsler

Vi bruker informasjonskapsler for analyse for å forbedre nettstedet vårt. Les vår personvernerklæring for mer informasjon.
Avvis