CVE-2020-12613 (GCVE-0-2020-12613)

Vulnerability from cvelistv5 – Published: 2023-12-11 00:00 – Updated: 2024-08-04 12:04
VLAI?
Summary
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T12:04:21.681Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt22-11"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-11T21:57:24.386753",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1"
        },
        {
          "url": "https://www.beyondtrust.com/trust-center/security-advisories/bt22-11"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-12613",
    "datePublished": "2023-12-11T00:00:00",
    "dateReserved": "2020-05-01T00:00:00",
    "dateUpdated": "2024-08-04T12:04:21.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"5.6\", \"matchCriteriaId\": \"9E9A81CC-3192-447F-97C9-7913C5410962\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.\"}, {\"lang\": \"es\", \"value\": \"Se descubri\\u00f3 un problema en BeyondTrust Privilege Management para Windows hasta 5.6. Un atacante puede generar un proceso con m\\u00faltiples usuarios como parte del token de seguridad (antes de la elevaci\\u00f3n de Avecto). Cuando Avecto eleva el proceso, elimina al usuario que inicia el proceso, pero no al segundo usuario. Por lo tanto, este segundo usuario a\\u00fan conserva el acceso y puede otorgar permiso para el proceso al primer usuario.\"}]",
      "id": "CVE-2020-12613",
      "lastModified": "2024-11-21T04:59:55.223",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-12-11T22:15:06.580",
      "references": "[{\"url\": \"https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.beyondtrust.com/trust-center/security-advisories/bt22-11\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://www.beyondtrust.com/trust-center/security-advisories/bt22-11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-12613\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-12-11T22:15:06.580\",\"lastModified\":\"2024-11-21T04:59:55.223\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). When Avecto elevates the process, it removes the user who is launching the process, but not the second user. Therefore this second user still retains access and can give permission to the process back to the first user.\"},{\"lang\":\"es\",\"value\":\"Se descubri\u00f3 un problema en BeyondTrust Privilege Management para Windows hasta 5.6. Un atacante puede generar un proceso con m\u00faltiples usuarios como parte del token de seguridad (antes de la elevaci\u00f3n de Avecto). Cuando Avecto eleva el proceso, elimina al usuario que inicia el proceso, pero no al segundo usuario. Por lo tanto, este segundo usuario a\u00fan conserva el acceso y puede otorgar permiso para el proceso al primer usuario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:beyondtrust:privilege_management_for_windows:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.6\",\"matchCriteriaId\":\"9E9A81CC-3192-447F-97C9-7913C5410962\"}]}]}],\"references\":[{\"url\":\"https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.beyondtrust.com/trust-center/security-advisories/bt22-11\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.beyondtrust.com/support/changelog/privilege-management-for-windows-5-6-sr1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://www.beyondtrust.com/trust-center/security-advisories/bt22-11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.