Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.
oryginał ENCVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XBeyondtrust Privilege Management For Windows
APPBeyondtrust< 25.2
Powiązane podatności
Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint servi...
Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitim...
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria...
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase...
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin...