Lucene search
K
BeyondtrustPrivilege Management For Windows

12 matches found

CVE
CVE
added 2025/02/26 1:41 a.m.71 views

CVE-2025-0889

CVE-2025-0889 affects BeyondTrust Privilege Management for Windows prior to version 25.2. A local authenticated attacker can elevate privileges on a system that has EPM installed by manipulating COM objects under circumstances where an EPM policy allows automatic privilege elevation of a user pro...

7.8CVSS6.4AI score0.00196EPSS
CVE
CVE
added 2024/02/16 6:54 p.m.57 views

CVE-2024-1591

The CVE-2024-1591 issue affects BeyondTrust’s Privilege Management for Windows (prior to version 24.1). A local authenticated attacker can view Sysvol when the product is configured to use a GPO policy, enabling potential discovery of configuration issues and policy details. The connected PT-2024...

3.3CVSS3.7AI score0.00156EPSS
CVE
CVE
added 2024/02/16 12:0 a.m.57 views

CVE-2024-25083

Vulnerability summary (CVE-2024-25083) : BeyondTrust Privilege Management for Windows, before version 24.1, contains a flaw where a low-privileged user initiating a repair can cause arbitrary programs to run with elevated privileges. Root cause: flawed handling of the repair flow enabling privile...

7.8CVSS6.5AI score0.00133EPSS
CVE
CVE
added 2023/12/25 12:0 a.m.47 views

CVE-2023-49944

BeyondTrust Privilege Management for Windows (PMfW) versions prior to 2023-07-14 contain a vulnerability in the Challenge Response feature that allows local admins to bypass the protection by decrypting the shared key or locating the decrypted key in process memory. The threat is mitigated by ena...

6.7CVSS6.4AI score0.00185EPSS
CVE
CVE
added 2021/11/19 6:4 p.m.41 views

CVE-2021-42254

BeyondTrust Privilege Management prior to version 21.6 exposes a vulnerability where a temporary file is created in a directory with insecure permissions. This is a LOCAL, low-attack complexity issue with high impact (confidentiality, integrity, and availability). Remediation: upgrade to version ...

7.8CVSS7.5AI score0.00288EPSS
CVE
CVE
added 2023/12/11 12:0 a.m.40 views

CVE-2020-12613

BeyondTrust Privilege Management for Windows (up to version 5.6) is affected by CVE-2020-12613. An attacker can spawn a process with multiple users in the security token; during Avecto elevation the launcher’s user is removed, but a second user remains in the token and can grant permissions back ...

8.8CVSS8.6AI score0.00774EPSS
CVE
CVE
added 2023/12/12 12:0 a.m.38 views

CVE-2020-12614

BeyondTrust Privilege Management for Windows (up to version 5.6) contains a local-elevation flaw where the publisher criteria, when enabled, requires a certificate to include a specific publisher name and to be valid. If an Add Admin token is protected by this criteria, a malicious user could ele...

8.4CVSS7.5AI score0.00142EPSS
CVE
CVE
added 2023/12/12 12:0 a.m.31 views

CVE-2020-12612

The CVE describes BeyondTrust Privilege Management for Windows up to version 5.6, where a 32‑bit policy push can fail to provide %ProgramFiles(x86)% support. A standard user can override a user-level environment variable to point to a custom folder, enabling a crafted directory structure that mat...

7.8CVSS7.7AI score0.00256EPSS
CVE
CVE
added 2025/07/28 3:40 p.m.31 views

CVE-2025-6250

CVE-2025-6250 — Normal mode : Multiple sources describe a privilege escalation in BeyondTrust Privilege Management for Windows prior to 25.4.270.0 via wmic.exe. When a user runs wmic.exe with a full admin token, they can stop the Defendpoint service, bypass anti-tamper protections, and add themse...

7.1CVSS6.5AI score0.00158EPSS
CVE
CVE
added 2023/12/12 12:0 a.m.30 views

CVE-2020-12615

BeyondTrust Privilege Management for Windows (versions through 5.6) contains a local privilege escalation vulnerability: when the Add Admin token is added to a process and configured to run at medium integrity with the user owning the process, the token can be stolen and applied to arbitrary proc...

7.8CVSS7.6AI score0.00224EPSS
CVE
CVE
added 2023/12/12 12:0 a.m.30 views

CVE-2020-28369

BeyondTrust Privilege Management for Windows (PMfW) up to version 5.7 is affected. The issue arises when a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable %WINDIR%\Temp, enabling potential DLL hijacking and code injection. Affected component is Cryptbase.dll loaded du...

7.8CVSS7.5AI score0.00233EPSS
CVE
CVE
added 2025/07/28 3:40 p.m.28 views

CVE-2025-2297

BeyondTrust Privilege Management for Windows before version 25.4.270.0 is affected by CVE-2025-2297, where a locally authenticated user can modify their own profile files to inject illegitimate challenge response codes into the local registry, enabling elevation to Administrator. Remediation from...

7.8CVSS6.1AI score0.00127EPSS