Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-49944

The Challenge Response feature of BeyondTrust Privilege Management for Windows (PMfW) before 2023-07-14 allows local administrators to bypass this feature by decrypting the shared key, or by locating the decrypted shared key in process memory. The threat is mitigated by the Agent Protection feature.

Published

2023-12-25T08:15:07.833

Last Modified

2024-11-21T08:34:03.213

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.7 (MEDIUM)

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	beyondtrust	privilege_management_for_windows	< 2023-07-14	Yes

References

https://www.beyondtrust.com/security Vendor Advisory ([email protected])
https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 Vendor Advisory ([email protected])
https://www.beyondtrust.com/security Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.beyondtrust.com/trust-center/security-advisories/bt23-08 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)