An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.
References
Link | Resource |
---|---|
https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1 | Release Notes |
https://www.beyondtrust.com/trust-center/security-advisories/bt22-11 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-11T00:00:00
Updated: 2023-12-11T21:57:24.386753
Reserved: 2020-05-01T00:00:00
Link: CVE-2020-12613
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-11T22:15:06.580
Modified: 2023-12-14T16:37:11.820
Link: CVE-2020-12613
JSON object: View
Redhat Information
No data.
CWE