CVE-2026-1232

MEDIUM

BeyondTrust Privilege Management <25.7 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-1232. PoCs published by horrister.

AI-analyzed exploit summary This repository provides a detailed technical analysis of CVE-2026-1232, a local authenticated anti-tamper bypass vulnerability in BeyondTrust Privilege Management for Windows. It includes a comprehensive breakdown of the attack chain, vulnerable code behavior, detection methods, and remediation steps, but does not contain functional exploit code.

Description

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected application components and the ability to modify product configuration.

Exploits (1)

github WRITEUP 1 stars

by horrister · poc

https://github.com/horrister/beyondtrust-cve-2026-1232

View Code ZIP pw:eip

This repository provides a detailed technical analysis of CVE-2026-1232, a local authenticated anti-tamper bypass vulnerability in BeyondTrust Privilege Management for Windows. It includes a comprehensive breakdown of the attack chain, vulnerable code behavior, detection methods, and remediation steps, but does not contain functional exploit code.

Classification

Writeup 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Theoretical

Target: BeyondTrust Privilege Management for Windows <= 25.7

Auth required

Prerequisites: Local authenticated access · Elevated privileges on the target system

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1078 - Valid Accounts

devstral-2 · analyzed Jun 05, 2026 Full analysis →

References (2)

Core 2

Core References

Various Sources

https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0023100

Various Sources

https://www.beyondtrust.com/trust-center/security-advisories/bt26-01

Scores

CVSS v4 6.8

EPSS 0.0012

EPSS Percentile 2.2%

CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-693

Status published

Products (1)

BeyondTrust/Privilege management for Windows < 25.7

Published Feb 02, 2026

Tracked Since Feb 18, 2026