CVE-2021-3187 Information

Description

An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5 or Security Update 2020-003 on Mojave and High Sierra Later versions of macOS are not vulnerable.)

Reference

https://www.beyondtrust.com/docs/release-notes/privilege-management/index.htm https://www.beyondtrust.com/trust-center/security-advisories/bt22-06