Privilege Management For Windows
Approved changes feed: RSS · Atom
cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Beyondtrust (673561b0-1cd3-565b-80ef-06b287294740) |
|---|---|
| Product | Privilege Management For Windows (870b1433-00e4-5fef-ab3f-560293ae77d0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-1232 |
vulnerable | 2026-06-03 15:14:43.971842 |
Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.
Published: 2026-02-02T16:18:47.242Z
Updated: 2026-02-02T16:35:48.876Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-6250 |
vulnerable | 2026-06-03 15:12:27.102195 |
Privilege Management for Windows - Elevation of Privilege
Prior to 25.4.270.0, when wmic.exe is elevated with a full admin token the user can stop the Defendpoint service, bypassing anti-tamper protections. Once the service is disabled, the malicious user can add themselves to Administrators group and run any process with elevated permissions.
Published: 2025-07-28T15:40:28.381Z
Updated: 2025-07-28T17:22:45.226Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2297 |
vulnerable | 2026-06-03 15:00:25.206633 |
Privilege Management for Windows - Elevation of Privilege
Prior to version 25.4.270.0, a local authenticated attacker can manipulate user profile files to add illegitimate challenge response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator.
Published: 2025-07-28T15:40:14.633Z
Updated: 2025-07-28T17:22:18.590Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-0889 |
vulnerable | 2026-06-03 14:58:33.169424 |
Privilege Management for Windows – Elevation of Privilege
Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.
Published: 2025-02-26T01:41:25.407Z
Updated: 2025-02-26T15:43:14.546Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-25083 |
vulnerable | 2026-06-03 14:55:06.368320 |
Details available
MEDIUM (6.3)
An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. When an low-privileged user initiates a repair, there is an attack vector through which the user is able to execute any program with elevated privileges.
Published: 2024-02-16T00:00:00.000Z
Updated: 2024-08-28T15:31:10.756Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-1591 |
vulnerable | 2026-06-03 14:54:33.992953 |
Privilege Management for Windows < 24.1 Information Leak
LOW (3.3)
Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.
Published: 2024-02-16T18:54:33.382Z
Updated: 2024-08-01T18:48:20.658Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-49944 |
vulnerable | 2026-06-03 14:53:26.786240 |
Details available
The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature.
Published: 2023-12-25T00:00:00.000Z
Updated: 2024-08-02T22:09:49.439Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-42254 |
vulnerable | 2026-06-03 14:45:27.000212 |
Details available
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
Published: 2021-11-19T18:04:10.000Z
Updated: 2024-08-04T03:30:37.733Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-28369 |
vulnerable | 2026-06-03 14:42:19.341583 |
Details available
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-04T16:33:59.223Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-12615 |
vulnerable | 2026-06-03 14:41:35.022090 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-28T16:30:49.711Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-12614 |
vulnerable | 2026-06-03 14:41:35.021720 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is protected by this criteria, it can be leveraged by a malicious actor to achieve Elevation of Privileges from standard user to administrator.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-04T12:04:21.620Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-12613 |
vulnerable | 2026-06-03 14:41:35.021342 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.
Published: 2023-12-11T00:00:00.000Z
Updated: 2024-08-04T12:04:21.681Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-12612 |
vulnerable | 2026-06-03 14:41:35.020191 |
Details available
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefore uses the %ProgramFiles(x86)% environment variable. However, when this same policy gets pushed to a 32bit machine, this environment variable does not exist. Therefore, since the standard user can create a user level environment variable, they can repoint this variable to any folder the user has full control of. Then, the folder structure can be created in such a way that a rule matches and arbitrary code runs elevated.
Published: 2023-12-12T00:00:00.000Z
Updated: 2024-08-04T12:04:21.637Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.