Filtered by vendor Beyondtrust
Subscribe
Filtered by product Privilege Management For Windows
Subscribe
Total
7 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-12615 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-08-28 | N/A | 7.8 HIGH |
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes. | |||||
CVE-2020-12614 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-08-01 | N/A | 7.8 HIGH |
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is protected by this criteria, it can be leveraged by a malicious actor to achieve Elevation of Privileges from standard user to administrator. | |||||
CVE-2020-28369 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-02-28 | N/A | 7.8 HIGH |
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp. | |||||
CVE-2020-12612 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-02-28 | N/A | 7.8 HIGH |
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same policy gets pushed to a 32bit machine, this environment variable does not exist. Therefore, since the standard user can create a user level environment variable, they can repoint this variable to any folder the user has full control of. Then, the folder structure can be created in such a way that a rule matches and arbitrary code runs elevated. | |||||
CVE-2020-12613 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-02-28 | N/A | 8.8 HIGH |
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user. | |||||
CVE-2023-49944 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-02-28 | N/A | 6.7 MEDIUM |
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature. | |||||
CVE-2021-42254 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions. |