PT-2023-12161 · BeyondTrust · BeyondTrust Privilege Management for Mac

Published: 2023-12-11 · Updated: 2023-12-14 · CVE-2021-3187

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

BeyondTrust Privilege Management for Mac versions prior to 5.7

Description

An issue allows an authenticated, unprivileged user to elevate privileges by running a malicious script that executes as root from a temporary directory during install time. This issue applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra. Later versions of macOS are not vulnerable.

Recommendations

For versions prior to 5.7, update to version 5.7 or later to resolve the issue. As a temporary workaround, consider restricting the execution of scripts from temporary directories during install time to minimize the risk of exploitation.

Fix

Incorrect Default Permissions

Weakness Enumeration

Related Identifiers

CVE-2021-3187

Affected Products

BeyondTrust Privilege Management for Mac
Apple macOS