Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beyondtrust privilege management for windows vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-12612
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same ...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
NA
CVE-2020-12615
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary proc...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
445
VMScore
CVE-2020-9326
BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 up to and including 5.5 prior to 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash.
Beyondtrust Privilege Management For Windows And Mac
Beyondtrust Privilege Management For Windows And Mac 5.5
NA
CVE-2020-28369
In BeyondTrust Privilege Management for Windows (aka PMfW) up to and including 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
Beyondtrust Privilege Management For Windows
641
VMScore
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Beyondtrust Privilege Management For Windows
NA
CVE-2023-49944
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) prior to 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Age...
Beyondtrust Privilege Management For Windows
NA
CVE-2020-12614
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is p...
Beyondtrust Privilege Management For Windows
NA
CVE-2020-12613
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the proce...
Beyondtrust Privilege Management For Windows
NA
CVE-2024-25083
An issue exists in BeyondTrust Privilege Management for Windows prior to 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started