An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.)
2023-12-11T23:15:07.530
2025-05-27T15:15:24.260
Modified
CVSSv3.1: 8.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | beyondtrust | privilege_management_for_mac | < 5.7 | Yes |
| Operating System | apple | mac_os_x | < 10.15.5 | No |
| Operating System | apple | mac_os_x | < 10.13.6 | No |
| Operating System | apple | mac_os_x | < 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.13.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |
| Operating System | apple | mac_os_x | 10.14.6 | No |