Privilege Management For Windows Security Vulnerabilities and Issues — Privilege Management For Windows CVE List

Lucene search

BeyondtrustPrivilege Management For Windows

3 matches found

CVE•added 2025/02/26 8:13 a.m.•52 views

CVE-2025-0889

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.

7.8CVSS6.4AI score0.00019EPSS

CVE•added 2025/07/28 4:15 p.m.•9 views

CVE-2025-2297

Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to admini...

7.8CVSS6.1AI score0.00015EPSS

CVE•added 2025/07/28 4:15 p.m.•7 views

CVE-2025-6250

Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.

7.1CVSS6.5AI score0.00014EPSS