Companies using self-hosted versions of BeyondTrust Remote Support (RS) or Privileged Remote Access (PRA) should deploy patches for a critical vulnerability that allows attacks to execute OS commands without authentication. “Successful exploitation requires no authentication or user interaction and may lead to system compromise, including unauthorized access, data exfiltration, and service disruption,” BeyondTrust said in an advisory. The company released Patch BT26-02-RS for Remote Support versions 21.3 to 25.3.1 and Patch BT26-02-PRA for Privileged Remote Access versions 22.1 to 24.X. PRA versions 25.1 and greater are not affected by this vulnerability, however, versions older than those c...