A vulnerability categorized as critical has been discovered in BeyondTrust Remote Support and Privileged Remote Access up to 25.3.2/26.2.0. The impacted element is an unknown function. The manipulation results in improper access controls.
This vulnerability is reported as CVE-2026-40138. The attack can be launched remotely. No exploit exists.