CVE-2020-12613

CVE Database · CVE-2020-12613

CVE-2020-12613

· HIGHModified

CVSS v3.1

8.8

EPSS

0.77%

Published

Dec 11, 2023

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products (1)

beyondtrust · privilege_management_for_windowsvulnerable

References (4)

https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1

Release Notes

https://www.beyondtrust.com/trust-center/security-advisories/bt22-11

Vendor Advisory

https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1

Release Notes

https://www.beyondtrust.com/trust-center/security-advisories/bt22-11

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs