Code Injection Vulnerability in BeyondTrust Privilege Management for Windows
CVE-2020-28369

Currently unrated

Key Information:

Vendor: BeyondTrust
Status: Privilege Management for Windows
Vendor: CVE Published:; 12 December 2023

🔔 Create BeyondTrust Vulnerability Alert

What is CVE-2020-28369?

A vulnerability exists in BeyondTrust Privilege Management for Windows, where the installation as SYSTEM allows the loading of Cryptbase.dll from the user-writable directory %WINDIR%\Temp. This can be exploited to execute arbitrary code, posing a significant risk to system integrity and security.

References

https://www.beyondtrust.com/privilege-management/windows-mac

https://www.beyondtrust.com/trust-center/security-advisor...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2023
Vulnerability Reserved
Nov 9, 2020