12 matches found
CVE-2025-0889
CVE-2025-0889 affects BeyondTrust Privilege Management for Windows prior to version 25.2. A local authenticated attacker can elevate privileges on a system that has EPM installed by manipulating COM objects under circumstances where an EPM policy allows automatic privilege elevation of a user pro...
CVE-2024-1591
The CVE-2024-1591 issue affects BeyondTrust’s Privilege Management for Windows (prior to version 24.1). A local authenticated attacker can view Sysvol when the product is configured to use a GPO policy, enabling potential discovery of configuration issues and policy details. The connected PT-2024...
CVE-2024-25083
Vulnerability summary (CVE-2024-25083) : BeyondTrust Privilege Management for Windows, before version 24.1, contains a flaw where a low-privileged user initiating a repair can cause arbitrary programs to run with elevated privileges. Root cause: flawed handling of the repair flow enabling privile...
CVE-2023-49944
BeyondTrust Privilege Management for Windows (PMfW) versions prior to 2023-07-14 contain a vulnerability in the Challenge Response feature that allows local admins to bypass the protection by decrypting the shared key or locating the decrypted key in process memory. The threat is mitigated by ena...
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 exposes a vulnerability where a temporary file is created in a directory with insecure permissions. This is a LOCAL, low-attack complexity issue with high impact (confidentiality, integrity, and availability). Remediation: upgrade to version ...
CVE-2020-12613
BeyondTrust Privilege Management for Windows (up to version 5.6) is affected by CVE-2020-12613. An attacker can spawn a process with multiple users in the security token; during Avecto elevation the launcher’s user is removed, but a second user remains in the token and can grant permissions back ...
CVE-2020-12614
BeyondTrust Privilege Management for Windows (up to version 5.6) contains a local-elevation flaw where the publisher criteria, when enabled, requires a certificate to include a specific publisher name and to be valid. If an Add Admin token is protected by this criteria, a malicious user could ele...
CVE-2020-12612
The CVE describes BeyondTrust Privilege Management for Windows up to version 5.6, where a 32‑bit policy push can fail to provide %ProgramFiles(x86)% support. A standard user can override a user-level environment variable to point to a custom folder, enabling a crafted directory structure that mat...
CVE-2025-6250
CVE-2025-6250 — Normal mode : Multiple sources describe a privilege escalation in BeyondTrust Privilege Management for Windows prior to 25.4.270.0 via wmic.exe. When a user runs wmic.exe with a full admin token, they can stop the Defendpoint service, bypass anti-tamper protections, and add themse...
CVE-2020-12615
BeyondTrust Privilege Management for Windows (versions through 5.6) contains a local privilege escalation vulnerability: when the Add Admin token is added to a process and configured to run at medium integrity with the user owning the process, the token can be stolen and applied to arbitrary proc...
CVE-2020-28369
BeyondTrust Privilege Management for Windows (PMfW) up to version 5.7 is affected. The issue arises when a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable %WINDIR%\Temp, enabling potential DLL hijacking and code injection. Affected component is Cryptbase.dll loaded du...
CVE-2025-2297
BeyondTrust Privilege Management for Windows before version 25.4.270.0 is affected by CVE-2025-2297, where a locally authenticated user can modify their own profile files to inject illegitimate challenge response codes into the local registry, enabling elevation to Administrator. Remediation from...