Vulnerabilities > CVE-2020-9326 - Unspecified vulnerability in Beyondtrust Privilege Management for Windows and mac

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

beyondtrust

NVD

Published: 2020-03-18

Updated: 2021-07-21

Summary

BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 through 5.5 before 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash.

Vulnerable Configurations

Part	Description	Count
Application	Beyondtrust Beyondtrust Privilege Management FOR Windows AND MAC 5.5 Beyondtrust Privilege Management FOR Windows AND MAC 5.1 Beyondtrust Privilege Management FOR Windows AND MAC 5.4 Beyondtrust Privilege Management FOR Windows AND MAC 5.4.123	5

References

https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-5-sr1