Advisory ID: BT26-01
CVSSv4 score: 6.8
CVSSv4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
Issue Date: 2026-02-02
Updated On: 2026-02-02
CVE(s): CVE-2026-1232
CWE: CWE-693
Synopsis: Privilege Management for Windows – Anti-Tamper Bypass
Impacted Product: Privilege Management for Windows
Summary
A medium-severity vulnerability has been identified in Privilege Management for Windows. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.
Details
Privilege Management for Windows enforces protections by applying restrictions to elevated sessions to prevent modification of protected product components. In specific scenarios, these session restrictions may not be consistently enforced across all elevated execution paths. A local user who is already authorized to run elevated processes could potentially leverage this condition to circumvent the intended anti-tamper controls.
This issue does not allow unauthenticated access, remote exploitation, or privilege escalation from a standard user to administrator. Successful exploitation requires prior elevated privileges and local access to the system.
Mitigation
Upgrade Privilege Management for Windows to a fixed version, 25.8 or later.
Affected Versions
| Product | Version |
|---|---|
| Privilege Management for Windows | 25.7 and prior |
Fixed Versions
| Product | Version |
|---|---|
| Privilege Management for Windows | 25.8 and later |
