Alert icon Keyboard navigation enabled.
Alert icon TAB or Shift+TAB to navigate across. Down ↓ to open menu. ESC to close menu.
Alert icon Down ↓ to select section. Right → to activate. Up ↑ / Down ↓ / Tab to traverse all. ESC to exit.
BeyondTrust
Skip to content Use space or enter to skip.

What can we help you find today?

Instant Results
  • Website Results
  • Technical Documentation

Filter Options

Focus your search

Filtering by

Your recent searches:

Contact Us Chat with Sales Get Support
  • English
  • Deutsch
  • français
  • español
  • 한국어
  • português
  • Home
  • BT26-01 current page
Link copied

BT26-01

Security Advisories

Advisory ID: BT26-01

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
  • CVSSv4 score: 6.8
  • CVSSv4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
  • Issue Date: 2026-02-02
  • Updated On: 2026-02-02
  • CVE(s): CVE-2026-1232
  • CWE: CWE-693
  • Synopsis: Privilege Management for Windows – Anti-Tamper Bypass
  • Impacted Product: Privilege Management for Windows

Summary

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

A medium-severity vulnerability has been identified in Privilege Management for Windows. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.

Details

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Privilege Management for Windows enforces protections by applying restrictions to elevated sessions to prevent modification of protected product components. In specific scenarios, these session restrictions may not be consistently enforced across all elevated execution paths. A local user who is already authorized to run elevated processes could potentially leverage this condition to circumvent the intended anti-tamper controls.

This issue does not allow unauthenticated access, remote exploitation, or privilege escalation from a standard user to administrator. Successful exploitation requires prior elevated privileges and local access to the system.

Mitigation

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

Upgrade Privilege Management for Windows to fixed versions – 25.8 or later.

Affected Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows 25.7 and prior

Fixed Versions

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied
Product Version
Privilege Management for Windows 25.8 and later

References

White chain icon to symbolize the ability to copy a link
Link copied
Check mark to visually show text has been copied

https://www.cve.org/CVERecord?id=CVE-2026-1232

https://nvd.nist.gov/vuln/detail/CVE-2026-1232

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0023100

Keep up with BeyondTrust

Customer Support Get Started
  • LinkedIn
  • X
  • Facebook
  • Instagram
  • Add BeyondTrust as a preferred source on Google
  • Privacy
  • Security
  • Manage Cookies
  • Do Not Sell My Data
  • WEEE Compliance

Copyright © 2003 — 2026 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.

Prefers reduced motion setting detected. Animations will now be reduced as a result.