BeyondTrust Privilege Management for Windows COM Object Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in BeyondTrust Privilege Management for Windows, affecting versions prior to 25.2. This vulnerability allows local authenticated attackers to elevate privileges by manipulating COM objects under certain conditions where an EPM policy permits automatic privilege elevation of a user process.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation on the affected system.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 2.4
impact: 0.0
exploitability: 3.3
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.