Filtered by vendor Beyondtrust
Subscribe
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12613 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-11-21 | N/A | 8.8 HIGH |
| An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user. | |||||
| CVE-2020-12612 | 1 Beyondtrust | 1 Privilege Management For Windows | 2024-11-21 | N/A | 7.8 HIGH |
| An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same policy gets pushed to a 32bit machine, this environment variable does not exist. Therefore, since the standard user can create a user level environment variable, they can repoint this variable to any folder the user has full control of. Then, the folder structure can be created in such a way that a rule matches and arbitrary code runs elevated. | |||||
| CVE-2018-10959 | 1 Beyondtrust | 1 Avecto Defendpoint | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch. | |||||
| CVE-2017-5996 | 1 Beyondtrust | 1 Remote Support | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions. | |||||