An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra. Later versions of macOS are not vulnerable.)
Published 2023-12-11 23:15:08
Updated 2023-12-14 16:48:20
Source MITRE

Products affected by CVE-2021-3187

  • Beyondtrust » Privilege Management For Mac
    Versions before (<) 5.7
    cpe:2.3:a:beyondtrust:privilege_management_for_mac:*:*:*:*:*:*:*:*
    When used together with: Apple » Mac Os X
    When used together with: Apple » Mac Os X » Version: 10.13.6
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2018-002
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2018-003
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-001
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-002
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-003
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-004
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-005
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-006
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2019-007
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2020-001
    When used together with: Apple » Mac Os X » Version: 10.13.6 Update Security Update 2020-002
    When used together with: Apple » Mac Os X » Version: 10.14.6
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-001
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-002
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-004
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-005
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-006
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2019-007
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2020-001
    When used together with: Apple » Mac Os X » Version: 10.14.6 Update Security Update 2020-002

Exploit prediction scoring system (EPSS) score for CVE-2021-3187

EPSS score: 0.09% (probability of exploitation activity in the next 30 days)
Percentile: ~39% (the proportion of vulnerabilities that are scored at or less)

CVSS scores for CVE-2021-3187

Base Score: 8.8
Base Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability Score: 2.8
Impact Score: 5.9
Score Source: NIST

References for CVE-2021-3187
