Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • BT24-02 current page
Link copied

BT 24-02

Security Advisories

Advisory ID: BT24-02

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • CVSSv3 Score: 3.3 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • Severity: Low
  • Issue Date: 2024-02-14
  • Updated On: 2024-02-14
  • CVE(s): CVE-2024-1591

Synopsis:

Privilege Management for Windows - GPO Policy Information Leak

Impacted Product:

Privilege Management for Windows

Summary:

Prior to version 24.1, a local authenticated attacker can view Sysvol when Privilege Management for Windows is configured to use a GPO policy. This allows them to view the policy and potentially find configuration issues.

BeyondTrust would like to thank Mayer Bar of the Smartsoft PS Team for reporting this vulnerability to us through our secure channel. The CVE ID for this vulnerability is pending.

Affected Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows Prior to 24.1

Fixed Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows 24.1

References

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  1. https://www.cve.org/CVERecord?id=CVE-2024-1591

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.