This page contains information on security vulnerabilities that may impact BeyondTrust solutions.

Data and product security are extremely important to us here at BeyondTrust. If you are a security researcher and you believe you have discovered a security vulnerability in one of our products or services, please follow responsible disclosure guidelines to bring it to our attention so we can address it as quickly as possible.

Disclosure guidelines can be found here.

ID Severity CVSSv3 Score Description Public Date
BT24-08 Medium 5.9 2024-06-11
BT24-07 Low 3.3 2024-06-11
BT24-06 Medium 4.3 2024-05-23
BT24-05 Medium 4.8 2024-05-23
BT24-04 High 8.8 2024-04-23
BT24-03 High 8.8
  • U-Series Appliance – Privilege Escalation via Local Appliance API
  • CVE-2024-4018
BT24-02 Low 3.3
  • Privilege Management for Windows – GPO Policy Information Leak
  • CVE-2024-1591
BT24-01 Medium 6.3
  • Local authenticated attacker with privileges to initiate a repair on Privilege Management for Windows could hijack the elevated process to execute arbitrary programs with elevated privileges
  • CVE-2024-25083
BT23-08 Medium 6.7
  • Unprotected administrative access to Challenge-Response shared key can lead to Privilege Escalation
  • CVE-2023-49944
BT23-05 Critical 9.8
  • Command injection vulnerability which can be exploited through a malicious HTTP request
  • CVE-2023-4310
BT22-06 Medium 6.8
  • Elevation of Privilege in Privilege Management for Mac (PMfM) Installer
  • CVE-2021-3187
BT22-07 Medium 6.8
  • Elevation of Privilege in Privilege Management for Windows (PMfW) Installer
  • CVE-2020-12615
BT22-08 Medium 5.5
  • DLL Hijacking in Privilege Management for Windows (PMfW) Installer
  • CVE-2020-28369
BT22-09 Medium 6.5
  • OS Environment Variable Querying in Privilege Management for Windows (PMfW)
  • CVE-2020-12612
BT22-10 High 7.1
  • Publisher Matching Criteria Bypass in Privilege Management for Windows (PMfW)
  • CVE-2020-12614
BT22-11 Medium 6.2
  • Second user elevation of Privilege in Privilege Management for Windows (PMfW)
  • CVE-2020-12613
Want to learn why over 20,000 customers chose BeyondTrust?
Prefers reduced motion setting detected. Animations will now be reduced as a result.