CVE-2024-39708 Information

Description

An issue was discovered in the Agent in Delinea Privilege Manager (formerly Thycotic Privilege Manager) before 12.0.1096 on Windows. Sometimes a non-administrator user can copy a crafted DLL file to a temporary directory (used by .NET Shadow Copies) such that privilege escalation can occur if the core agent service loads that file.

Reference

https://docs.delinea.com/online-help/privilege-manager/release-notes/12.0.1-combined.htm