BeyondTrust Privilege Management for Windows Elevation of Privilege Vulnerability

Vulnerability

A vulnerability that allows local authenticated attackers to elevate privileges has been identified in BeyondTrust Privilege Management for Windows versions prior to 25.4.270.0. Under certain conditions, attackers can manipulate user profile files to inject illegitimate challenge response codes into the local user registry. Successful exploitation lets users who can edit their profile files gain administrator privileges.

Impact

Exploitation of this vulnerability allows for unauthorized elevation of privileges to administrator level.

Remediation

Users can upgrade to BeyondTrust Privilege Management for Windows version 25.4.270.0 or later to address this vulnerability. For versions prior to 25.4.270.0, it is recommended to avoid using 'forever' challenge response auto-elevation permissions, to monitor the registry for any existing 'forever' response entries, and to make policy changes as needed.

Added: Jul 28, 2025, 4:17 PM
Updated: Jul 28, 2025, 4:17 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 5.0
exploitability: 2.9
remediation: 7.9
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.