261 matches found
BeyondTrust Privilege Management for Windows <= 25.7 Anti-Tamper Bypass (BT26-01)
The version of BeyondTrust Privilege Management for Windows installed on the remote host is prior to 25.8. It is, therefore, affected by a vulnerability as referenced in the BT26-01 advisory. - Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the...
CVE-2026-1232
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
CVE-2026-1232
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
EUVD-2026-5113
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
CVE-2026-1232 Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
CVE-2026-1232
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
CVE-2026-1232
CVE-2026-1232 affects BeyondTrust Privilege Management for Windows, versions ≤ 25.7. The vulnerability is an anti-tamper bypass that can occur under certain conditions, allowing a local authenticated user with elevated privileges to access protected application components and modify product confi...
CVE-2026-1232 Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
PT-2026-5680
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...
BeyondTrust Privilege Management 安全漏洞
BeyondTrust Privilege Management is a permissions management tool provided by BeyondTrust Corporation for Windows and Mac SaaS environments. Versions of BeyondTrust Privilege Management prior to 25.7 contained a security vulnerability that could allow bypassing tamper-proof protection in Windows,...
PT-2026-6803
Name of the Vulnerable Software and Affected Versions BeyondTrust Remote Support versions prior to 25.3.2 BeyondTrust Privileged Remote Access versions prior to 25.1.1 Description A pre-authentication operating system command injection flaw exists in BeyondTrust Remote Support and Privileged Remo...
CVE-2023-49944
The Challenge Response feature of BeyondTrust Privilege Management for Windows PMfW before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature...
CVE-2020-12615
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes...
CVE-2020-12613
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token prior to Avecto elevation. When Avecto elevates the process, it removes the user who is launching the process, but not the second...
CVE-2020-12614
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate and also requires that the certificate is valid. If an Add Admin token is protected by this...
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
EUVD-2025-33793
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...
CVE-2025-62159 External Secrets Operator's BeyondTrust Provider has Insecure Secret Retrieval
External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. A vulnerability was discovered in the BeyondTrust provider implementation for External Secrets Operator versions 0.10.1 through 0.19.2. The provider previously...