CVE-2020-12613

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

A

n issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.

References

Link	Resource
https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1	Release Notes
https://www.beyondtrust.com/trust-center/security-advisories/bt22-11	Vendor Advisory
https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1	Release Notes
https://www.beyondtrust.com/trust-center/security-advisories/bt22-11	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:59

Type	Values Removed	Values Added
References	~~() https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1 - Release Notes~~	() https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1 - Release Notes
References	~~() https://www.beyondtrust.com/trust-center/security-advisories/bt22-11 - Vendor Advisory~~	() https://www.beyondtrust.com/trust-center/security-advisories/bt22-11 - Vendor Advisory

Information

Published : 2023-12-11 22:15

Updated : 2024-11-21 04:59

NVD link : CVE-2020-12613

Mitre link : CVE-2020-12613

CVE.ORG link : CVE-2020-12613

JSON object : View

Products Affected

beyondtrust

privilege_management_for_windows

CWE

NVD-CWE-noinfo

{"id": "CVE-2020-12613", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2023-12-11T22:15:06.580", "references": [{"url": "https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1", "tags": ["Release Notes"], "source": "[email protected]"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt22-11", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1", "tags": ["Release Notes"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.beyondtrust.com/trust-center/security-advisories/bt22-11", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en BeyondTrust Privilege Management para Windows hasta 5.6. Un atacante puede generar un proceso con m\u00faltiples usuarios como parte del token de seguridad (antes de la elevaci\u00f3n de Avecto). Cuando Avecto eleva el proceso, elimina al usuario que inicia el proceso, pero no al segundo usuario. Por lo tanto, este segundo usuario a\u00fan conserva el acceso y puede otorgar permiso para el proceso al primer usuario."}], "lastModified": "2024-11-21T04:59:55.223", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E9A81CC-3192-447F-97C9-7913C5410962", "versionEndIncluding": "5.6"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}