关键信息 Advisory ID: BT25-05 CVSSv4 Score: 7.2 Severity: High Issue Date: 2025-07-28 Updated On: 2025-07-28 CVE(s): CVE-2025-2297 CWE: CWE-268 Synopsis: Privilege Management for Windows - Elevation of Privilege Impacted: Privilege Management for Windows Summary A vulnerability has been discovered in Privilege Management for Windows that allows a local authenticated attacker to elevate privileges. Details Prior to version 25.4, a local authenticated attacker can manipulate user profile files to add illegitimate challenge-response codes into the local user registry under certain conditions. This allows users with the ability to edit their user profile files to elevate their privileges to administrator. This issue has been fixed in version 25.4.270.0. Mitigation For versions prior to 25.4.270.0: Avoid using 'forever' challenge response auto elevation permissions. Monitor for any existing 'forever' response entries and make changes to the EPM policy if there are legitimate business needs instead of using forever responses. Affected Versions Fixed Versions Known Issues If you encounter issues with domain account authentication after upgrading to version 25.4, we suggest updating to version 25.4.270.0 or newer. References https://www.cve.org/cverecord?id=CVE-2025-2297 https://nvd.nist.gov/vuln/detail/CVE-2025-2297 https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0022476 Acknowledgements We would like to thank Lukasz Piotrowski and Marius Kotlarz for reporting this vulnerability responsibly.