BeyondTrust Privilege Management for Windows 5.6 -
Approved changes feed: RSS · Atom
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.6:-:*:*:*:*:*:*
part: a version: 5.6 update: -
| Vendor | Beyondtrust (673561b0-1cd3-565b-80ef-06b287294740) |
|---|---|
| Product | Privilege Management For Windows (870b1433-00e4-5fef-ab3f-560293ae77d0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-12615 |
vulnerable | 2026-06-03 14:41:35.022112 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-28T16:30:49.711Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-12612 |
vulnerable | 2026-06-03 14:41:35.020976 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same policy gets pushed to a 32bit machine, this environment variable does not exist. Therefore, since the standard user can create a user level environment variable, they can repoint this variable to any folder the user has full control of. Then, the folder structure can be created in such a way that a rule matches and arbitrary code runs elevated.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-04T12:04:21.637Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.