Privilege Escalation Vulnerability in BeyondTrust Privilege Management for Windows

Privilege Escalation Vulnerability in BeyondTrust Privilege Management for Windows

CVE-2020-12615 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.

Learn more about our User Device Pen Test.