CVE-2020-12615

An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning the process, this security token can be stolen and applied to arbitrary processes. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt