An issue exists in BeyondTrust Privilege Management for Mac prior to 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS prior to 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
beyondtrust privilege_management_for_mac |