Vulnerabilities > Beyondtrust > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-12 CVE-2020-12614 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-12 CVE-2020-28369 Uncontrolled Search Path Element vulnerability in Beyondtrust Privilege Management for Windows
In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7, a SYSTEM installation causes Cryptbase.dll to be loaded from the user-writable location %WINDIR%\Temp.
local
low complexity
beyondtrust CWE-427
7.8
2023-12-12 CVE-2020-12612 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-12 CVE-2020-12615 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
local
low complexity
beyondtrust
7.8
2023-12-11 CVE-2021-3187 Unspecified vulnerability in Beyondtrust Privilege Management for mac
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7.
network
low complexity
beyondtrust
8.8
2023-12-11 CVE-2020-12613 Unspecified vulnerability in Beyondtrust Privilege Management for Windows
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6.
network
low complexity
beyondtrust
8.8
2023-10-12 CVE-2023-23632 Improper Authentication vulnerability in Beyondtrust Privileged Remote Access
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass.
local
low complexity
beyondtrust CWE-287
7.8
2021-11-19 CVE-2021-42254 Exposure of Resource to Wrong Sphere vulnerability in Beyondtrust Privilege Management for Windows
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions.
local
low complexity
beyondtrust CWE-668
7.8
2021-01-26 CVE-2021-3156 Off-by-one Error vulnerability in multiple products
Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.
7.8
2020-03-18 CVE-2020-9326 Unspecified vulnerability in Beyondtrust Privilege Management for Windows and mac
BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 through 5.5 before 5.5 SR1 mishandles command-line arguments with PowerShell .ps1 file extensions present, leading to a DefendpointService.exe crash.
network
low complexity
beyondtrust
7.5