An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
History

Wed, 28 Aug 2024 18:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-12-12T00:00:00

Updated: 2024-08-28T16:30:49.711Z

Reserved: 2020-05-01T00:00:00

Link: CVE-2020-12615

cve-icon Vulnrichment

Updated: 2024-08-04T12:04:22.229Z

cve-icon NVD

Status : Modified

Published: 2023-12-12T13:15:06.820

Modified: 2024-08-28T17:35:00.743

Link: CVE-2020-12615

cve-icon Redhat

No data.