Low-Privileged User Repair Vulnerability
CVE-2024-25083

7.8HIGH

Key Information:

Vendor: BeyondTrust
Status: Privilege Management For Windows
Vendor: CVE Published:; 16 February 2024

🔔 Create BeyondTrust Vulnerability Alert

What is CVE-2024-25083?

A vulnerability exists in BeyondTrust Privilege Management for Windows versions prior to 24.1 that allows a low-privileged user to exploit an attack vector. By initiating a repair, this user can execute any program with elevated privileges, potentially compromising the system's security and integrity.

References

https://www.beyondtrust.com/trust-center/security-advisor...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 16, 2024
Vulnerability Reserved
Feb 4, 2024