Threat Advisory

BeyondTrust Privilege Management Flaws Enable Local Privilege Escalation

Threat: Vulnerability
Targeted Region: Global
Targeted Sector: Technology & IT, Finance & Banking, Government & Defense
Criticality: High

EXECUTIVE SUMMARY:

Two high-severity vulnerabilities have been discovered in BeyondTrust Privilege Management for Windows, a widely deployed endpoint security solution, that could allow attackers to escalate privileges locally on affected systems. Tracked as CVE-2025-2297 and CVE-2025-6250, the flaws originate from improper permission handling in the application’s service components.

  • CVE-2025-2297: With a CVSS v4.0 score of 7.2, this vulnerability stems from weak access controls on a privileged service interface. A local attacker could exploit this flaw to execute code with elevated privileges, potentially gaining full control of the system.
  • CVE-2025-6250: Rated 7.1 (CVSS v4.0), this issue involves incorrect permissions on executable files, allowing a local attacker to replace or manipulate binaries and achieve privilege escalation during service operations.

These vulnerabilities highlight the critical importance of enforcing strict access controls to reduce the risk of local privilege escalation in enterprise environments.

RECOMMENDATION:

  • We strongly recommend you update BeyondTrust Privilege Management for Windows to version 25.4.270.0 or newer.
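
A read-only audit for the two conditions this advisory covers, added here as an example and not taken from BeyondTrust or the advisory's author: it reports whether the installed version is below 25.4.270.0 and lists write-capable ACL entries on the matching service binaries and their folders. The `*BeyondTrust*` name filter and the trusted-principal list are assumptions to adjust for your environment.

```powershell
# Added example, not vendor code. Reports findings as objects; changes nothing.
param(
    [string]$Filter = '*BeyondTrust*',      # assumption: display-name pattern, adjust
    [version]$FixedVersion = '25.4.270.0'   # fixed version named in the advisory
)

# 1. Installed version from the standard uninstall registry keys.
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like $Filter } |
    ForEach-Object {
        $v = $_.DisplayVersion -as [version]
        $status = if (-not $v) { 'Unknown' } elseif ($v -lt $FixedVersion) { 'NeedsUpdate' } else { 'OK' }
        [pscustomobject]@{ Check = 'Version'; Target = $_.DisplayName
                           Detail = $_.DisplayVersion; Status = $status }
    }

# 2. ACLs on matching service binaries and their folders. Flags allow-ACEs that
#    grant write-type rights to anyone outside $trusted (English account names).
$trusted = 'NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators', 'NT SERVICE\TrustedInstaller'
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership'
$writeBits = [int]$rights -bor 0x10000000 -bor 0x40000000   # + GENERIC_ALL, GENERIC_WRITE

Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.DisplayName -like $Filter -or $_.PathName -like $Filter } |
    ForEach-Object {
        # PathName may be quoted and carry arguments; keep only the .exe path.
        if ($_.PathName -match '^\s*"?(.+?\.exe)') {
            $exe = $Matches[1]
            foreach ($path in $exe, (Split-Path -Path $exe -Parent)) {
                (Get-Acl -LiteralPath $path).Access |
                    Where-Object {
                        $_.AccessControlType -eq 'Allow' -and
                        $_.IdentityReference.Value -notin $trusted -and
                        ([int]$_.FileSystemRights -band $writeBits)
                    } |
                    ForEach-Object {
                        [pscustomobject]@{ Check = 'ACL'; Target = $path; Status = 'Review'
                                           Detail = "$($_.IdentityReference): $($_.FileSystemRights)" }
                    }
            }
        }
    }
```

A three-part `DisplayVersion` such as `25.4.270` compares as lower than `25.4.270.0` under `[version]`, so confirm any `NeedsUpdate` result against the product's own version display.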
