Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T03:22:25.925Z

Reserved: 2021-10-07T00:00:00

Link: CVE-2021-42056

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-06-24T17:15:08.467

Modified: 2024-11-21T06:27:09.527

Link: CVE-2021-42056

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.