U-Series Appliance 4.6.1 release notes
June 11th, 2026
🆕 New features
This is a maintenance release. There are no new features.
✨ Enhancements
This is a maintenance release. There are no new enhancements.
🛠️ Issues resolved
| Product area | Description | Resolution |
|---|---|---|
| Appliance Logs | BeyondInsight Admin API logs were not downloading on the Appliance Logs page when BeyondInsight 26.1 or later was installed , because the log file location moved to a new registry path in that version. | The Appliance Logs page now correctly locates BeyondInsight Admin API logs for BeyondInsight 26.1 and later, while maintaining backward compatibility with earlier versions. |
| Authentication | The login page accepted whitespace-only input in the username and password fields, bypassing UI validation and returning a generic authentication error instead of a field-level message. | The login page now validates that username and password fields do not contain whitespace-only input, and displays a proper validation message when blank or whitespace-only values are submitted. |
| Backup & Restore | When a backup failed due to insufficient disk space, the error message displayed size values in mb (which conventionally denotes megabit rather than megabyte), and did not convert large values to GB for readability. | Backup error messages now display size values in GB, consistent with the rest of the application. |
| Configuration | Manually configuring the date and time to a future date returned a 500 internal server error, leaving the configuration incomplete. | The appliance now correctly handles future dates when manually configuring date and time settings, without returning an internal server error. |
| Configuration Wizard | When performing a fresh install on an SF appliance using the Configuration Wizard with an existing database, the Configuration Status page displayed an error for the BeyondTrust Discovery agent, indicating the stored procedure dbo.ActivationKey_Insert could not be found. | The Configuration Wizard now correctly handles fresh installs with existing databases, completing the Configuration Status page without error. |
| Features and Services | The Feature Editor did not reflect the fix applied to the Configuration Wizard for the BeyondTrust Discovery agent activation key error, causing the same Configuration Status page error to occur when configuring via the Feature Editor. | The Feature Editor now applies the same fix as the Configuration Wizard, completing the Configuration Status page without error during fresh installs. |
| Features & Services | When stopping the BeyondInsight Manager Engine from the Service Status page, the stop command was triggered but the service did not consistently stop, and the UI did not update to reflect the actual service state. | The Service Status page now correctly validates the result of stop actions and updates the UI to accurately reflect the actual service state. |
| High Availability | When high availability (HA) was manually suspended and the primary appliance was rebooted, all HA-managed services remained stopped after the reboot and did not restart automatically. | The appliance now correctly starts required services on the primary node when transitioning to active state, even when HA is in manually suspended mode. |
| Support Package | When generating a support package for a service that had no logs available, the support package report provided no indication that the log folder was omitted, potentially causing confusion about missing content. | The support package report now includes a note when a service's log folder was not included because no logs were available to download. |
| Security | A weakness in how cryptographic keys were managed for backup integrity verification reduced the effectiveness of integrity checks. | Improved backup integrity verification key management. |
| Security | A weakness in the encryption configuration used to protect backup data reduced the strength of that protection. | Improved backup encryption. |
| Security | An additional weakness in the backup encryption implementation reduced the confidentiality of encrypted backup data. | Further improved backup encryption. |
| Security | A defect in backup integrity verification could allow integrity checks to pass when they should not. | Improved backup integrity verification. |
| Security | Insufficient input validation in encryption key import and export operations could allow unintended command execution. | Improved encryption key import and export handling. |
| Security | Insufficient input validation in the local account unlock workflow could allow unintended command execution. | Updated the local account unlock workflow. |
| Security | A defect in request validation in the Features Editor could allow unauthorized actions to be performed on behalf of authenticated users. | Improved the Features Editor. |
| Security | Insufficient validation in internal file operations could allow files to be written outside intended locations. | Improved internal file operations. |
| Security | Post-deployment initialization scripts did not reliably execute on newly configured appliances, potentially preventing local certificates and other required resources from being created. | Post-deployment scripts now run reliably on new appliance images, ensuring certificates and other required resources are correctly initialized. |
| Security | Insufficient input validation in network configuration handling could allow unintended command execution. | Improved network configuration handling. |
| Security | Insufficient input validation in SQL Server Reporting Services configuration could allow unintended code execution. | Improved SQL Server Reporting Services configuration. |
| Security | Insufficient validation in internal registry operations could allow unintended registry locations to be affected. | Improved internal registry operations. |
| Security | Some internal service communication did not consistently enforce authentication. | Updated internal service communication. |
| Security | Internal notification handling did not consistently enforce authentication, potentially allowing unintended notifications in the management interface. | Improved internal notification handling. |
| Security | SSO authentication tokens could be exposed through their method of transmission. | Updated SSO authentication. |
| Security | Insufficient input handling in backup and restore operations could allow unintended database queries. | Improved security posture of backup and restore operations. |
| Security | Insufficient parameter handling in SQL Server account management could allow unintended database queries. | Tightened parameter usage in SQL Server account management handling. |
| Security | Insufficient input handling in High Availability database configuration could allow unintended database queries. | Improved High Availability database configuration handling. |
| Security | Insufficient input handling in power management settings could allow unintended database queries. | Improved power management settings. |
| Security | Insufficient input handling in remote appliance synchronization (remote SUPI) could allow unintended database queries. | Remote appliance synchronization data (remote SUPI) is now written using parameterized database operations. |
| Security | A defect in the local password reset workflow could allow its verification step to be circumvented. | Improved the local password reset workflow. |
| Security | Internal service-to-service communication did not fully validate connection security, potentially exposing it to interception. | Improved internal service-to-service communication. |
| Security | A weakness in RDP two-factor authentication reduced the strength of the verification process. | Improved RDP two-factor authentication. |
| Security | A weakness in how internal authentication keys were generated could reduce the unpredictability of authentication tokens. | Improved internal authentication key generation. |
| Security | Internal authentication key material was stored with weaker access controls than intended. | Improved internal authentication key storage. |
| Security | Insufficient input validation in SQL Server Analysis Services configuration could allow generated scripts to be altered. | Improved SQL Server Analysis Services configuration. |
📝Requirements
- .NET 8.0 or later (available through BT Updater via Supporting Software SUPI subscription)
- SUPI 3.3.2 (available through BT Updater)
🧩 Dependencies
- Security Management Appliance is dependent on BeyondInsight 24.1
