An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Privilege_management_for_windows | Beyondtrust | * | 5.6 (excluding) |
Privilege_management_for_windows | Beyondtrust | 5.6 (including) | 5.6 (including) |