OpenText · OpenText Documentum Content Server · CVE-2023-31871
**Name of the Vulnerable Software and Affected Versions**
OpenText Documentum Content Server versions prior to 23.2
**Description**
The issue allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root-owned SUID binary `dm_secure_writer`. This binary has security controls in place to prevent the creation of a file in a non-owned directory or as the root user. However, these controls can be bypassed to allow for an arbitrary file write as root.
**Recommendations**
For versions prior to 23.2, update to version 23.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the `dm_secure_writer` binary to minimize the risk of exploitation.
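
To check whether the temporary workaround is in place on a host, the following added example (not vendor code and not part of the original advisory) classifies every copy of the SUID binary by its mode bits, assuming the on-disk file name is `dm_secure_writer`. The function names and the scan root argument are hypothetical; pass your own Documentum install directory.

```shell
#!/bin/sh
# Added example: audit how exposed the setuid helper from this advisory is.
# Assumptions: file name dm_secure_writer; scan root supplied by the caller.
# Only mode bits are inspected; file ownership is not tested here.

# Print "STATUS<TAB>path" for each copy found under the scan root:
#   EXPOSED     setuid set and executable by "other" (any local account can run it)
#   RESTRICTED  setuid set, but "other" has no execute bit
#   NOSUID      setuid bit not set
classify_dm_secure_writer() {
    scan_root=$1
    find "$scan_root" -type f -name dm_secure_writer 2>/dev/null |
    while IFS= read -r bin; do
        if [ -n "$(find "$bin" -prune -perm -4000 -perm -0001)" ]; then
            status=EXPOSED
        elif [ -n "$(find "$bin" -prune -perm -4000)" ]; then
            status=RESTRICTED
        else
            status=NOSUID
        fi
        printf '%s\t%s\n' "$status" "$bin"
    done
}

# Succeeds only when no EXPOSED copy exists, so it can gate a compliance job.
check_dm_secure_writer() {
    ! classify_dm_secure_writer "$1" | grep -q '^EXPOSED'
}

# Stand-alone use: sh audit.sh /path/to/documentum
[ "$#" -eq 0 ] || classify_dm_secure_writer "$1"
```

A `RESTRICTED` result means only the owner and group can execute the binary; which accounts belong in that group is site-specific and should be confirmed before changing permissions on a production install.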