Thomson Reuters · Thomson Reuters Eikon · CVE-2019-10679
**Name of the Vulnerable Software and Affected Versions**
Thomson Reuters Eikon version 4.0.42144
**Description**
The issue allows all local users to modify the service executable file due to weak permissions in the `%PROGRAMFILES(X86)%Thomson ReutersEikon` directory.
**Recommendations**
For Thomson Reuters Eikon version 4.0.42144, consider restricting access to the `%PROGRAMFILES(X86)%Thomson ReutersEikon` directory to prevent modification of the service executable file until a patch is available.