Privilege Escalation Vulnerability in BeyondTrust Privilege Management for Windows

Privilege Escalation Vulnerability in BeyondTrust Privilege Management for Windows

CVE-2020-28369 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.

Learn more about our User Device Pen Test.