Skip to main content

Privilege Management For Windows

5 CVEs product

Monthly

CVE-2025-0889 HIGH This Week

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Privilege Management For Windows Windows
NVD
CVSS 4.0
7.2
EPSS
0.0%
CVE-2024-25083 HIGH This Week

An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Privilege Management For Windows
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-1591 LOW Monitor

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Privilege Management For Windows
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-49944 MEDIUM This Month

The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Privilege Management For Windows
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2021-42254 HIGH This Week

BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Privilege Management For Windows
NVD GitHub
CVSS 3.1
7.8
EPSS
0.3%
EPSS 0% CVSS 7.2
HIGH This Week

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Privilege Management For Windows +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An issue was discovered in BeyondTrust Privilege Management for Windows before 24.1. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Privilege Management For Windows
NVD
EPSS 0% CVSS 3.3
LOW Monitor

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Privilege Management For Windows
NVD
EPSS 0% CVSS 6.7
MEDIUM This Month

The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Privilege Management For Windows
NVD
EPSS 0% CVSS 7.8
HIGH This Week

BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory with Insecure Permissions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Privilege Management For Windows
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy