An issue exists in BeyondTrust Privilege Management for Windows up to and including 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
beyondtrust privilege management for windows |
||
beyondtrust privilege management for windows 5.6 |