An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
References
| Link | Resource |
|---|---|
| https://www.beyondtrust.com/trust-center/security-advisories/bt24-01 | Vendor Advisory |
| https://www.beyondtrust.com/trust-center/security-advisories/bt24-01 | Vendor Advisory |
Configurations
History
27 Mar 2025, 14:26
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.beyondtrust.com/trust-center/security-advisories/bt24-01 - Vendor Advisory | |
| First Time |
Beyondtrust
Beyondtrust privilege Management For Windows |
|
| CPE | cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:* |
21 Nov 2024, 09:00
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.beyondtrust.com/trust-center/security-advisories/bt24-01 - |
28 Aug 2024, 16:35
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
|
| CWE | CWE-266 |
16 Feb 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-16 21:15
Updated : 2025-03-27 14:26
NVD link : CVE-2024-25083
Mitre link : CVE-2024-25083
CVE.ORG link : CVE-2024-25083
JSON object : View
Products Affected
beyondtrust
- privilege_management_for_windows
CWE
CWE-266
Incorrect Privilege Assignment