Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • BT24-01 current page
Link copied

BT 24-01

Security Advisories

Advisory ID: BT24-01

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • CVSSv3 Score: 6.3 AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
  • Severity: Medium
  • Issue Date: 2024-02-14
  • Updated On: 2024-02-14
  • CVE(s): CVE-2024-25083

Synopsis:

Prior to version 24.1, a local authenticated attacker with privileges to initiate a repair on Privilege Management for Windows could hijack the elevated process to execute arbitrary programs with elevated privileges. This attack is mitigated by anti-tamper restrictions and policy restrictions.

Impacted Product:

Privilege Management for Windows

Mitigation Details:

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

1. Create a new application group (e.g., AppGroup1) with the following criteria:

a. File or Folder Name matches:

--- File or Folder Name: PGUserMode perform matching using: contains

b. Product Name matches:

--- Product Name: BeyondTrust Privilege Management

--- Match case: Yes

--- Perform Match Using: Exact Match

c. Publisher matches:

--- Publisher: BeyondTrust Corporation

--- Match Case: Yes

--- Perform Match Using: Exact Match

d. Product Description matches:

--- Product Description: BeyondTrust Privilege Management User Mode Utility

--- Match Case: Yes

--- Perform Match Using: Exact Match

e. Trusted Ownership matches:

--- Advanced options: only "Force standard user rights on File Open/Save common dialogs" option is enabled

2. Create a new application group (e.g., AppGroup2) with the following criteria:

a. File or Folder Name matches:

--- File or Folder name: *

--- Perform match using: Regular Expressions

b. Parent Process matches:

--- Parent Process Group: AppGroup1 (name of the group you created above)

c. Advanced Options: only "Force standard user rights on File Open/Save common dialogs" option is enabled

3. Create a new Application Rule

--- Target Application Group: AppGroup2 (name of the second group you created above)

--- Action: Allow Execution

--- End User Message: Off

--- Access Token: Enforce User's Default Rights

Affected Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows Prior to 24.1

Fixed Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows 24.1

Acknowledgments

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

BeyondTrust would like to thank Andreas Aaris-Larsen of Banshie Cyber Security Services for reporting this vulnerability to us through our secure channel.

References

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  1. https://www.cve.org/CVERecord?id=CVE-2024-25083

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.