Cyber Posture

CVE-2025-0889

Severity: High

Published: 26 February 2025

Modified: 31 July 2025
KEV Added: (not listed)
Patch: (not listed)
CVSS Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0003 (9.9th percentile)
Risk Priority: 16 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Prior to 25.2, a local authenticated attacker can elevate privileges on a system with Privilege Management for Windows installed, via the manipulation of COM objects under certain circumstances where an EPM policy allows for automatic privilege elevation of a user process.

Security Summary

CVE-2025-0889 is a privilege escalation vulnerability in Privilege Management for Windows versions prior to 25.2. It stems from the manipulation of COM objects under certain circumstances where an EPM policy allows automatic privilege elevation of a user process. Published on 2025-02-26, the issue carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-268.

A local authenticated attacker with low privileges can exploit this vulnerability with low attack complexity and no user interaction. Exploitation enables privilege elevation on the affected system, resulting in high impacts to confidentiality, integrity, and availability.

The BeyondTrust security advisory BT25-01, available at https://www.beyondtrust.com/trust-center/security-advisories/bt25-01, addresses mitigation for this vulnerability.

Details

CWE(s): CWE-268 (Privilege Chaining)

Affected Products

BeyondTrust Privilege Management for Windows: ≤ 25.2