CVE-2020-12615

EPSS 0.2%CWE-269

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1 https://www.beyondtrust.com/trust-center/security-advisories/bt22-07