Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
beyondtrust privilege management for windows vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2020-12612
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same ...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
7.8
CVSSv3
CVE-2020-12615
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary proc...
Beyondtrust Privilege Management For Windows
Beyondtrust Privilege Management For Windows 5.6
7.5
CVSSv3
CVE-2020-9326
BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 up to and including 5.5 prior to 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash.
Beyondtrust Privilege Management For Windows And Mac
Beyondtrust Privilege Management For Windows And Mac 5.5
6.7
CVSSv3
CVE-2023-49944
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) prior to 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Age...
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2020-12614
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is p...
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2020-28369
In BeyondTrust Privilege Management for Windows (aka PMfW) up to and including 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
Beyondtrust Privilege Management For Windows
7.8
CVSSv3
CVE-2021-42254
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Beyondtrust Privilege Management For Windows
8.8
CVSSv3
CVE-2020-12613
An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the proce...
Beyondtrust Privilege Management For Windows
6.3
CVSSv3
CVE-2024-25083
An issue exists in BeyondTrust Privilege Management for Windows prior to 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-44852
CVE-2024-3400
CVE-2024-30129
insecure direct object reference
CVE-2024-12115
CVE-2024-11220
CVE-2024-51378
privilege escalation
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started