CVE-2020-12613 - OpenCVE

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Beyondtrust	Privilege Management For Windows

Configuration 1 [-]

cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*

References

Link	Resource
https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1	Release Notes
https://www.beyondtrust.com/trust-center/security-advisories/bt22-11	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-11T00:00:00

Updated: 2023-12-11T21:57:24.386753

Reserved: 2020-05-01T00:00:00

Link: CVE-2020-12613

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-12-11T22:15:06.580

Modified: 2023-12-14T16:37:11.820

Link: CVE-2020-12613

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "9E9A81CC-3192-447F-97C9-7913C5410962", "versionEndIncluding": "5.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en BeyondTrust Privilege Management para Windows hasta 5.6. Un atacante puede generar un proceso con m\u00faltiples usuarios como parte del token de seguridad (antes de la elevaci\u00f3n de Avecto). Cuando Avecto eleva el proceso, elimina al usuario que inicia el proceso, pero no al segundo usuario. Por lo tanto, este segundo usuario a\u00fan conserva el acceso y puede otorgar permiso para el proceso al primer usuario."}], "id": "CVE-2020-12613", "lastModified": "2023-12-14T16:37:11.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-11T22:15:06.580", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt22-11"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}