CVE-2023-38640

Name of the Vulnerable Software and Affected Versions SICAM PAS/PQS versions V8.00 through V8.21

Description The issue is related to incorrect permission assignment for a critical resource in the SICAM PAS/PQS software, which can be exploited by an authenticated local attacker to read and modify configuration data in the context of the application process.

Recommendations For SICAM PAS/PQS versions V8.00 through V8.21, update to version V8.22 or later to resolve the issue. As a temporary workaround, consider restricting access to the specific files and folders installed with insecure permissions to minimize the risk of exploitation.