An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
Metrics
Affected Vendors & Products
References
History
Wed, 28 Aug 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-269 |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-12T00:00:00
Updated: 2024-08-28T16:30:49.711Z
Reserved: 2020-05-01T00:00:00
Link: CVE-2020-12615
Vulnrichment
Updated: 2024-08-04T12:04:22.229Z
NVD
Status : Modified
Published: 2023-12-12T13:15:06.820
Modified: 2024-11-21T04:59:55.607
Link: CVE-2020-12615
Redhat
No data.