An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate (and also requires that the certificate is valid). If an Add Admin token is protected by this criteria, it can be leveraged by a malicious actor to achieve Elevation of Privileges from standard user to administrator.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-12T00:00:00

Updated: 2024-08-04T12:04:21.620Z

Reserved: 2020-05-01T00:00:00

Link: CVE-2020-12614

cve-icon Vulnrichment

Updated: 2024-08-04T12:04:21.620Z

cve-icon NVD

Status : Modified

Published: 2023-12-12T15:15:07.363

Modified: 2024-11-21T04:59:55.383

Link: CVE-2020-12614

cve-icon Redhat

No data.