BeyondTrust Advisories

This page contains information on security vulnerabilities that may impact BeyondTrust solutions.

Data and product security are extremely important to us here at BeyondTrust. If you are a security researcher and you believe you have discovered a security vulnerability in one of our products or services, please follow responsible disclosure guidelines to bring it to our attention so we can address it as quickly as possible.

Disclosure guidelines can be found here.

ID Severity CVSSv3 Score Description Public Date
BT24-02 Low 3.3
  • Privilege Management for Windows - GPO Policy Information Leak
  • CVE-2024-1591
2024-02-14
BT24-01 Medium 6.3
  • Local authenticated attacker with privileges to initiate a repair on Privilege Management for Windows could hijack the elevated process to execute arbitrary programs with elevated privileges
  • CVE-2024-25083
2024-02-14
BT23-08 Medium 6.7
  • Unprotected administrative access to Challenge-Response shared key can lead to Privilege Escalation
  • CVE-2023-49944
2023-12-08
BT23-05 Critical 9.8
  • Command injection vulnerability which can be exploited through a malicious HTTP request
  • CVE-2023-4310
2023-07-28
BT22-06 Medium 6.8
  • Elevation of Privilege in Privilege Management for Mac (PMfM) Installer
  • CVE-2021-3187
2021-02-01
BT22-07 Medium 6.8
  • Elevation of Privilege in Privilege Management for Windows (PMfW) Installer
  • CVE-2020-12615
2020-08-01
BT22-08 Medium 5.5
  • DLL Hijacking in Privilege Management for Windows (PMfW) Installer
  • CVE-2020-28369
2020-08-01
BT22-09 Medium 6.5
  • OS Environment Variable Querying in Privilege Management for Windows (PMfW)
  • CVE-2020-12612
2020-08-01
BT22-10 High 7.1
  • Publisher Matching Criteria Bypass in Privilege Management for Windows (PMfW)
  • CVE-2020-12614
2020-08-01
BT22-11 Medium 6.2
  • Second user elevation of Privilege in Privilege Management for Windows (PMfW)
  • CVE-2020-12613
2020-08-01
Prefers reduced motion setting detected. Animations will now be reduced as a result.