CVE-2020-12613

Name of the Vulnerable Software and Affected Versions BeyondTrust Privilege Management for Windows versions through 5.6

Description An issue was discovered where an attacker can spawn a process with multiple users as part of the security token. When Avecto elevates the process, it removes the user who is launching the process, but not the second user, allowing the second user to retain access and potentially give permission to the process back to the first user.

Recommendations For versions through 5.6, consider disabling the Avecto elevation feature until a patch is available to prevent the exploitation of this issue. Restrict access to the security token to minimize the risk of unauthorized process spawning. Avoid using multiple users as part of the security token in the affected process until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.