• CVSSv3 Score: 6.8
  • Issue Date: 2021-02-01
  • Updated On: 2023-12-05
  • CVE(s): CVE-2021-3187


Elevation of Privilege in Privilege Management for Mac (PMfM) Installer

Impacted Product:

Privilege Management for Mac (PMfM)


A medium severity vulnerability was discovered and verified in BeyondTrust’s Privilege Management for Mac (PMfM) that could allow an attacker to elevate their privileges. Two files in the PMfM installer had incorrect file permissions applied which could enable a user elevated privileges on their machine.


The permissions of these files in Privilege Management for Mac installer have been reconfigured to provide the correct level of privileges. This has also been fixed with a macOS security patch.

This change was implemented in PMfM version 5.7. BeyondTrust recommend customers update to the latest version of PMfM as soon as possible.

Product Version
Privilege Management for Mac (PMfM) Prior to 5.7
Product Version
Privilege Management for Mac (PMfM) 5.7 and above

BeyondTrust would like to acknowledge Lockheed Martin Red team for reporting this issue.


  1. https://www.cve.org/CVERecord?id=CVE-2021-3187
  2. https://nvd.nist.gov/vuln/detail/CVE-2021-3187
Prefers reduced motion setting detected. Animations will now be reduced as a result.