BeyondTrust released emergency patches for two critical authentication bypass vulnerabilities in its Remote Support and Privileged Remote Access products. These flaws allow unauthenticated attackers to seize control of affected systems without credentials.

CVE-2024-40138 carries a CVSS score of 9.2, indicating a pre-authentication vulnerability that bypasses security controls before login verification occurs. The flaw exposes organisations running these widely-deployed remote access tools to direct takeover risk. Remote Support and Privileged Remote Access serve as critical infrastructure for IT teams managing endpoints and servers across enterprise networks. Compromise of these products grants attackers administrative access to downstream systems that administrators manage through the platforms.

BeyondTrust customers operating vulnerable versions face immediate exposure. The vendor has not disclosed full technical details, but the pre-authentication nature indicates attackers need no valid credentials or special knowledge of target systems to exploit the flaw. This reduces the barrier for opportunistic attacks and increases risk of rapid exploitation once patches deploy.

The company's patch timeline and affected version numbers determine exposure windows. Organisations should prioritise applying updates across all Remote Support and PRA deployments, particularly those accessible from external networks. Even air-gapped implementations warrant urgent patching if they synchronise data with internet-connected systems.

BeyondTrust products receive heavy use in managed service provider environments where single compromises cascade to multiple customer organisations. MSPs relying on these tools should accelerate patch deployment across their customer base.

Network defenders should assume attackers research these flaws immediately upon disclosure. Detection of exploitation attempts becomes critical during patching windows. Log analysis for Remote Support and PRA instances should focus on authentication anomalies and administrative actions from unexpected sources. Network segmentation limiting remote access product access to necessary systems reduces blast radius if compromise occurs.

Organisations without current patch information should contact BeyondTrust directly for affected