Vulnerability Details CVE-2025-0889
Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.1%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2025-0889
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:-
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:22.3
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.1
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.1.264
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.1.269
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.3
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.3.148
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.5
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.6
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.6.89
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.7
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.7.150
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.9
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:23.9.261
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.1
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.1.98
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.3
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.3.334
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.5
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.5.361
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.7
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.7.432
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:24.8
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:4.3
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:4.4
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.0
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.1
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.2.21
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.2.28
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.3.216
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.3.219
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.3.229
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.3.230
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.4
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.5
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.5.144
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.6
-
cpe:2.3:a:beyondtrust:privilege_management_for_windows:5.7