Vulnerabilities > CVE-2024-4018 - Unspecified vulnerability in Beyondtrust U-Series Appliance

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

beyondtrust

NVD

Published: 2024-04-19

Updated: 2025-02-11

Summary

Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before 4.0.3.

Vulnerable Configurations

Part	Description	Count
Application	Beyondtrust Beyondtrust U Series Appliance 3.4 Beyondtrust U Series Appliance 3.4.2 Beyondtrust U Series Appliance 3.4.3 Beyondtrust U Series Appliance 3.5 Beyondtrust U Series Appliance 4.0 Beyondtrust U Series Appliance 4.0.2	6
OS	Microsoft Microsoft Windows -	1

References

https://www.beyondtrust.com/docs/release-notes/u-series-appliance/bt-appliance-u-series-software-4-0-3.htm
https://www.beyondtrust.com/docs/release-notes/u-series-appliance/bt-appliance-u-series-software-4-0-3.htm